Search all career opportunities

SIEM Content Specialist - Cyber Intelligence Centre

Apply now

Apply for Job

Date Posted: Nov 16, 2019

Reference Code: 47770-en_US

Job Type: Permanent 
Primary Location: Vaughan, Ontario, Canada 
All Available Locations: Calgary; Toronto; Vancouver 

Be encouraged to deepen your technical skills…whatever those may be.
Be empowered to lead and have impact with clients, our communities and in the office.
Be part of a firm that leads the way and pushes themselves to look like contemporary Canada.


Deloitte is looking for a SIEM Content Specialist to join our Cyber Intelligence Centre in Vaughan. Read more below!

What will your typical day look like?


You will focus on supporting and maintaining the new and existing clients in the SOC.  Using your knowledge of cyberattacks, security devices, security operations processes, incident management, professional services to support delivery and execution of managed security services offered by Deloitte, building SIEM threat content rules in multiple platforms (ArcSight, LogRhythm and/or QRadar); Create documentation (playbooks); Provide input, direction and strategy to help drive decisions; Assess content changes in client environment; Integrate threat intelligence from various sources; Participate in Workshops with clients; Research new attack methods and patterns.

About the team


You will have an amazing team, which is composed of well-experienced and enthusiastic cybersecurity professionals that are passionate on what they do; Team players, working with SecOps and Threat Hunting/Cyber Threat Intelligence, and exchanging information globally on trends and attacks, providing world-class security operations capabilities for our clients and a capabilities aligned with our strategic direction, helping the firm better deliver on new and existing engagements.

Enough about us, let’s talk about you


You are someone who is/has:

  •  Self-Motivated, energetic, driven for success and result oriented
  •  Ability to obtain Government of Canada “Secret” security clearance
  •  Diploma/degree in information security, or equivalent working experience in the field
  •  Minimum of two (2) years of experience working within Security operations / Incident handling;
  •  Experience with SIEM technologies (e.g. ArcSight, LogRhythm, QRadar etc.);
  •  Experience with SIEM Threat content development is a plus
  •  Knowledge on Risk assessment, security assessment, Continuous monitoring, Kill chain/MITRE ATT&CK framework and/or regulatory (e.g.: PCI, HIPAA, ISO27000 series).
  •  Technical certifications (CISSP, CISM, GSEC, CEH, GMON, CCSP) are considered an asset.

Why Deloitte?

Launch your career with The One Firm where you can make an impact that matters in a way that you never thought possible. With endless opportunities at every turn, and a culture built to support and develop our people to be the very best they can be, Deloitte is The One Firm for you to learn, grow, create, connect, and lead. We do this by making three commitments to you:

  • You will lead at every level: We grow the world’s best leaders so you can achieve the impact you seek, faster.
  • You can work your way: We give you the means to be flexible in how you need and want to work, and we have innovative spaces, arrangements and the mindset to help you be wildly successful.
  • You will feel included and inspired: We create a deep sense of belonging where you can bring your whole self to work.

The next step is yours

Sound like The One Firm. For You?

At Deloitte we are all about doing business inclusively – that starts with having diverse colleagues of all abilities!  We encourage you to connect with us at if you require an accommodation in the recruitment process, or need this job posting in an alternative format. We’d love to hear from you!

By applying to this job you will be assessed against the Deloitte Global Talent Standards. We’ve designed these standards to provide our clients with a consistent and exceptional Deloitte experience globally.

Apply now

Apply for Job