Cyber Google Security Operations - Senior Consultant

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success. Position Summary As a Senior Consultant, you will play a critical hands-on role in delivering high-impact solutions across multiple high-visibility projects. Your advanced SOC engineering skills and deep proficiency in Google SecOps tools, threat detection engineering, and automation development will be essential in building solutions that delight customers and drive measurable value for Deloitte's business objectives. You will leverage your technical expertise to develop, implement, and optimize Google SecOps threat detection and automation solutions, consistently demonstrating a commitment to high-quality, outcome-focused engineering. As a technical leader and mentor, you will collaborate closely with cross-functional teams, sharing best practices and guiding less experienced engineers in adopting modern Google SecOps methodologies. Your contributions will help ensure the secure, reliable, and efficient delivery of SOC solutions that meet the needs of both the business and its users. Recruiting for this role ends on 8/31/2025 Key Responsibilities: • Design and implement secure, scalable, and resilient Google SecOps architectures for deploying SIEM and SOAR platforms that comply with enterprise security policies and regulatory requirements (e.g. GDPR, PCI-DSS). • Lead end-to-end deployment of log ingestion pipelines using a variety of data fabric technologies and API integrations (e.g. Bindplane + Cloud Feeds). • Collaborate with SOC analysts and threat detection engineers to prioritize, develop, and tune threat detection content (rules) within Google SecOps to detect malicious behavior and adversaries within enterprise environments. • Translate SOC processes to automation playbooks within SOAR to alleviate alert fatigue and scale alert triage and response. • Mentor junior team members in SOC engineering (SIEM + SOAR) and process development. • Develop and facilitate custom integrations between third-party platforms and security tooling and Google SecOps to support automated data ingestion, alert enrichment, and response. • Architect and build robust case management solutions within Google SecOps SOAR to ensure strong operational metrics support and optimization of the analyst experience. • Stay current on cyber security threats, vulnerabilities, and compliance trends to enhance organizational security posture. Required Qualifications: • Bachelor's degree in computer science, Cybersecurity, Information Systems, or related field (or equivalent work experience). • 7+ years of experience in security operations, threat detection engineering, or enterprise IT security. • Deep hands-on experience with Google Cloud's SecOps tool stack and architecture (specifically SIEM and SOAR, FKA Google Chronicle and SIEMplify, respectively). • Strong knowledge of security principles and frameworks such as MITRE ATT&CK and Killchain. • Proficient scripting skills in Python for automation and integration development. • Scripting skills in Gostash or Logstash for log normalization / parsing. • Familiarity with ETL (Extract, Transform, Load) pipelines and associated concepts (e.g. Cribl, Bindplane, NXLog, Kafka) • Limited immigration sponsorship may be available • Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve Preferred Qualifications: • Certifications such as: Google Cloud Professional Architect, Google Cloud Professional Security Engineer, Certified Cloud Security Professional. • Familiarity with Threat Hunting and Cyber Threat Intelligence fundamentals. • Proficiency in data fabric technologies (Bindplane, Cribl) • Foundational knowledge in infrastructure and networking fundamentals, such as IP networking, VPNs, DNS, load balancing, and firewalling concepts. • Familiarity with Cloud infrastructure broadly, exposure to multi-cloud environments (AWS, Azure) • Experience in multiple SIEM and / or SOAR tools (e.g. Splunk, XSOAR). • Experience in Virus Total / Mandiant products and solutions, or Google Threat Intelligence. • Familiarity with AI frameworks such as MCP and ADK for agentic workflow development / integration specific to SecOps tooling (e.g. SIEM, SOAR, GTI, ASM) Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is$102,500 - $188,900 You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.