SIEM Content Specialist, CIC Vaughan

Date Posted: Mar 11, 2019

Reference Code: 35944-en_US

Job Type:  Permanent 
Primary Location: Vaughan, Ontario, Canada 
All Available Locations: Calgary; Montreal; Vancouver; Vaughan 

External Posting Description


Position overview:


You are self-motivated, energetic, driven to succeed and results-oriented. Your knowledge of security devices, system administration, security operations processes, incident management, professional services and the firm will help you support the delivery and execution of managed security services offered by Deloitte. You will also be a key player on a team that provides world-class security operations capabilities for our clients, a capability that is aligned with our strategic direction and helps the firm better deliver on new and existing engagements. This position will focus on supporting and maintaining new and existing clients in the SOC. Occasional travel to local clients will be required, and there are also opportunities to travel nationally and globally if the candidate is interested. This position requires the ability to obtain Government of Canada "Secret" security clearance.



  • Responsible for Content Development (rules, use cases, reports, queries, etc.) in SIEM (ArcSight, LogRhythm and/or QRadar);
  • Generate and implement rules based on specific client requirements;
  • Tuning/testing of content to reduce false positives within the SIEM;
  • Create documentation (playbooks) of all content created;
  • Provide input, direction and strategic decisions to help drive content decisions within the SIEM;
  • Assess the content as a result of changes in the client environment;
  • Provide reports, monthly or ad hoc, communicating the changes in the content in the SIEM platform;
  • Integrate threat intelligence from various sources into existing and new content;
  • Customize security content including filters/rules/report creation and vulnerability mapping;
  • Participate in workshops with clients to propose or present use cases.


External Posting Qualifications


Basic Qualifications:


  • Diploma/Degree in Information Security;
  • Minimum of two (2) years of experience working within information security;
  • Minimum of one (1) year of SIEM Content Development experience;
  • Experience with SIEM technologies (e.g. ArcSight, LogRhythm, QRadar etc.);
  • Strong working knowledge of Security devices (IDS/IPS, Firewalls, Load Balancers, Routing & Switching etc.);
  • Knowledge of risk assessment, security assessment, continuous monitoring, kill chain and regulatory requirements (e.g. PCI, HIPAA, ISO 27000 series).


Preferred Qualifications:


  • Three or more (3+) years of SIEM Content Development experience;
  • Advanced knowledge of security analytics, reporting and creative thinking;
  • Experience working with Java, Python, PowerShell and Perl scripting;
  • Experience integrating new log sources and data correlation rules into the SIEM;
  • Three or more (3+) years of experience within the information security field;
  • One or more (1+) years of experience with Security Operations and Incident response;
  • Professional certification (e.g.: CISA, CISSP, CISM, EnCE, ISACA, GIAC Certifications).


Why Deloitte?

Launch your career with The One Firm where you can make a greater impact than you ever thought possible. With endless opportunities at every turn, and a culture built to support and drive our people to be the very best they can be, Deloitte is The One Firm for you to learn, grow, create, and lead.

At Deloitte, we understand that everyone, and their career goals, are different. As a firm, we help create the conditions and opportunities that will enable our people to thrive – both professionally and personally. We do this by making three commitments to our people:

  • You will lead at every level: We grow the world’s best leaders so you can achieve the impact you seek, faster.
  • You can work your way: We give you the means to work how you want, and we have innovative spaces and the mindset to help you be wildly successful.
  • You will feel included and inspired: We create a deep sense of belonging where you can bring your whole self to work.

Apply now and let us show you how to push your career to the next level at Deloitte. The One Firm. For You.

Deloitte is an inclusive employer dedicated to building a diverse workforce.  We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective provincial human rights codes throughout all stages of the recruitment and selection process. Please advise the Recruiter to ensure your accessibility needs are accommodated throughout this process.  Information received relating to accommodation will be addressed confidentially.

We thank all applicants in advance for their interest; however, only those candidates selected for an interview will be contacted.


