Job description

Cyber Google Security Operations Manager Position Summary Our Deloitte Cyber team understands the unique challenges and opportunities in cybersecurity. Join our team to deliver strong solutions that help clients navigate the changing threat landscape. With effective solutions and managed services that reduce complexity, we help clients operate with resilience. Clients can grow with confidence and manage risks to secure success. As a Google SecOps Manager, you will deliver important solutions for high-visibility projects. Your advanced SOC engineering skills and strong knowledge of Google SecOps tools, threat detection engineering, and automation development are essential. These skills will help build solutions that satisfy customers and support Deloitte's business goals. Leverage your technical expertise to develop, implement, and optimize Google SecOps threat detection and automation solutions. Consistently show a commitment to high-quality, outcome-focused engineering. As a technical leader and mentor, collaborate closely with cross-functional teams. Share best practices and guide less experienced engineers in using modern Google SecOps methods. Your work will help ensure secure, reliable, and efficient SOC solutions for the business and its users. Recruiting for this role ends on 8/31/2025 Work You'll Do • Lead a team to design and build secure, scalable Google SecOps architectures. Implement SIEM and SOAR platforms that meet security policies and regulations, such as GDPR and PCI-DSS. • Lead end-to-end deployment of log ingestion pipelines. Use data fabric technologies and API integrations, such as Bindplane and Cloud Feeds. • Collaborate with SOC analysts and threat detection engineers to prioritize, develop, and adjust threat detection rules in Google SecOps. Detect malicious behavior and adversaries in enterprise environments. • Translate SOC processes to automation playbooks within SOAR to alleviate alert fatigue and scale alert triage and response. • Lead and mentor junior team members in SOC engineering (SIEM + SOAR) and process development. • Develop and manage custom integrations between third-party platforms, security tools, and Google SecOps. Support automated data ingestion, alert enrichment, and response. • Architect and build strong case management solutions in Google SecOps SOAR. Ensure these solutions support operational metrics. Optimize the analyst experience. The Team Our Enterprise Security offering embeds security in all aspects of digital transformation by securing a client's technical backbone while enabling secure digital transformation. Includes security architecture, secure development and deployment, end-to-end cyber cloud capabilities, application security, and security for emerging technologies and connected products. Required Qualifications • Bachelor's degree in computer science, Cybersecurity, Information Systems, or related field (or equivalent work experience). • 9+ years of experience in security operations, threat detection engineering, or enterprise IT security. • Has deep hands-on experience with Google Cloud's SecOps tool stack and architecture. Has special experience with SIEM and SOAR (formerly Google Chronicle and SIEMplify). • Strong knowledge of security principles and frameworks such as MITRE ATT&CK and Killchain. • Proficient scripting skills in Python for automation and integration development. • Scripting skills in Gostash or Logstash for log normalization / parsing. • Familiarity with ETL (Extract, Transform, Load) pipelines and associated concepts (e.g. Cribl, Bindplane, NXLog, Kafka) • Experience in Virus Total, Mandiant products and solutions, or Google Threat Intelligence. • Experience with multiple SIEM or SOAR tools, such as Splunk or XSOAR. • Limited immigration sponsorship may be available • Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve Preferred Qualifications • Certifications such as: Google Cloud Professional Architect, Google Cloud Professional Security Engineer, Certified Cloud Security Professional. • Stay current on cyber security threats, vulnerabilities, and compliance trends to enhance organizational security posture. • Ability to facilitate discussions on scope and build requirements with internal and external parties to deliver against expectations. • Familiarity with Threat Hunting and Cyber Threat Intelligence fundamentals. • Proficiency in data fabric technologies (Bindplane, Cribl). • Foundational knowledge in infrastructure and networking fundamentals, such as IP networking, VPNs, DNS, load balancing, and firewalling concepts. • Familiarity with Cloud infrastructure broadly, exposure to multi-cloud environments (AWS, Azure). • Familiarity with AI frameworks like MCP and ADK for agentic workflow development or integration is required. This applies to SecOps tools such as SIEM, SOAR, GTI, and ASM. Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $124,700 - $229,500 You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Requirements