Cyber Google Security Operations – Consultant

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.

Position Summary

As a Google SecOps Consultant, you will play a critical hands-on role in delivering high-impact solutions across multiple high-visibility projects. Your SOC engineering skills and advancing skills in Google SecOps tools, threat detection engineering, and automation development will be essential in building solutions that delight customers and drive measurable value for Deloitte’s business objectives.

You will be part of a team that leverages your technical expertise to develop, implement, and optimize Google SecOps threat detection and automation solutions, consistently demonstrating a commitment to high-quality, outcome-focused engineering. Your contributions will help ensure the secure, reliable, and efficient delivery of SOC solutions that meet the needs of both the business and its users.

Recruiting for this role ends on 8/31/2025

The Team

Our Enterprise Security offering embeds security in all aspects of digital transformation by securing a client’s technical backbone while enabling secure digital transformation. Includes security architecture, secure development and deployment, end-to-end cyber cloud capabilities, application security, and security for emerging technologies and connected products.

Key Responsibilities:

• Design and implement secure, scalable, and resilient Google SecOps architectures for deploying SIEM and SOAR platforms that comply with enterprise security policies and regulatory requirements (e.g. GDPR, PCI-DSS).
• Work on end-to-end deployment of log ingestion pipelines using a variety of data fabric technologies and API integrations (e.g. Bindplane + Cloud Feeds).
• Collaborate with SOC analysts and threat detection engineers to prioritize, develop, and tune threat detection content (rules) within Google SecOps to detect malicious behavior and adversaries within enterprise environments.
• Translate SOC processes to automation playbooks within SOAR to alleviate alert fatigue and scale alert triage and response.
• Develop and facilitate custom integrations between third-party platforms and security tooling and Google SecOps to support automated data ingestion, alert enrichment, and response.
• Support the developments of case management solutions within Google SecOps SOAR to ensure strong operational metrics support and optimization of the analyst experience.
• Stay current on cyber security threats, vulnerabilities, and compliance trends to enhance organizational security posture.

Required Qualifications:

• Bachelor’s degree in computer science, Cybersecurity, Information Systems, or related field (or equivalent work experience).
• 2+ years of experience in security operations, threat detection engineering, or enterprise IT security.
• Strong knowledge of security principles and frameworks such as MITRE ATT&CK and Killchain.
• Proficient scripting skills in Python for automation and integration development.
• Scripting skills in Gostash or Logstash for log normalization / parsing.
• Familiarity with ETL (Extract, Transform, Load) pipelines and associated concepts (e.g. Cribl, Bindplane, NXLog, Kafka)
• Limited immigration sponsorship may be available
• Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve

Preferred Qualifications:

• Familiarity with Threat Hunting and Cyber Threat Intelligence fundamentals.
• Familiarity or experience with Google Cloud’s SecOps tool stack and architecture (specifically SIEM and SOAR, FKA Google Chronicle and SIEMplify, respectively).
• Familiarity in data fabric technologies (Bindplane, Cribl)
• Foundational knowledge in infrastructure and networking fundamentals, such as IP networking, VPNs, DNS, load balancing, and firewalling concepts.
• Familiarity with Cloud infrastructure broadly, exposure to multi-cloud environments (AWS, Azure)
• Experience with SIEM and / or SOAR tools (e.g. Splunk, XSOAR).
• Experience in Virus Total / Mandiant products and solutions, or Google Threat Intelligence.
• Familiarity with AI frameworks such as MCP and ADK for agentic workflow development / integration specific to SecOps tooling (e.g. SIEM, SOAR, GTI, ASM)

Information for applicants with a need for accommodation:
https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is$80,400 - $148,000

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.