Career Opportunity for T&T-Cyber-D&R-EDR professionals with Crowdstrike exp mandatory – DM(5-8 yrs)-Bengaluru

5 years

0 Lacs

Posted: 3 weeks ago | Platform: LinkedIn

Work Mode

On-site

Job Type

Full Time

Job Description

Service Line: Technology & Transformation – Cyber Defense and Resilience

Designation: DM

Experience Level: 5-8 Years



What impact will you make?

Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration, and high performance. As the undisputed leader in professional services, Deloitte is where you’ll find unrivalled opportunities to succeed and realize your full potential.

The Team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

Job Description

Preferred Knowledge


We are seeking a highly skilled and experienced SME/Manager to lead our security engineering platform management. The successful candidate will be responsible for managing and optimizing Endpoint Detection & Response (EDR), Extended Detection & Response (XDR), Email Security, Cloud Security Posture Management (CSPM), Identity Providers (IdP), and Network Detection & Response (NDR) solutions. The candidate should also have a strong understanding of Active Directory (AD), ADFS, Single Sign-On (SSO), Azure IdP, and Network Security.

Should have the following skills:

  • Excellent communication and presentation skills
  • Analytical and problem-solving skills
  • Strong infrastructure security, email security, cloud security, identity security architectures and solutions skills
  • Strong product implementation skills.
  • Expertise in managing and deploying CrowdStrike EDR and Microsoft XDR solutions.
  • Strong knowledge and hands-on experience in Email Security platforms (e.g., Proofpoint, Mimecast).
  • Proficiency in CSPM (e.g., Wiz, Palo Alto Prisma Cloud, Microsoft Defender for Cloud) and its integration with cloud platforms (AWS, Azure, GCP).
  • Deep understanding of Identity Provider (IdP) solutions, including AD, Azure AD, SSO, and ADFS.
  • Proficiency in NDR solutions (e.g., Cisco Stealthwatch, Vectra AI) and network security best practices.
  • Good understanding of network security fundamentals, including firewall configurations, VPN, zero-trust networking, and segmentation.
  • Hands-on experience with cloud security solutions and services, including Azure Security Center.
  • Excellent troubleshooting and incident response skills for advanced cybersecurity issues.
  • Ability to develop and enforce security policies and procedures.
  • Strong communication and interpersonal skills, with the ability to explain complex security issues to non-technical stakeholders.
  • Experience with security automation, orchestration, and scripting (e.g., Python, PowerShell).
  • Strong project management and team leadership skills.
  • Knowledge of latest security threats, vulnerabilities, and industry trends.



Work you’ll do


Roles & Responsibilities



Lead the technical team, providing mentorship and guidance to foster growth, knowledge sharing, and innovation within the security engineering unit.

Lead the development of Monthly Board Review (MBRs) and Quarterly Board Review (QBRs) reports, presenting key insights, metrics, and highlights to clients and stakeholders.

Develop, execute, and lead innovations within the team, fostering an automation mindset to streamline security processes and increase operational efficiency.

Strong communication skills, ensuring effective interaction with clients, cross-functional teams, and senior management.

Strong technical analytics and troubleshooting (SME-level) skills to analyze complex security issues and provide deep technical resolutions.

Manage, deploy, and optimize EDR (CrowdStrike) and XDR (Microsoft) solutions to ensure comprehensive endpoint and network security.

Lead and oversee Email Security platform management, ensuring strong phishing protection, email encryption, and advanced threat prevention.

Ensure the effective deployment and management of CSPM (e.g., Wiz or similar), maintaining visibility and compliance across cloud environments.

Administer and manage IdP solutions, focusing on Azure AD, ADFS, SSO integration, and secure identity management practices.

Lead NDR (e.g., Vectra AI or Cisco Stealthwatch) platform management to monitor network traffic for anomalous behavior and network-based threats.

Ensure compliance with industry standards and best practices for security policies and configurations.

Provide leadership and guidance for team members in Security Engineering, driving best practices and security maturity.

Work with clients to understand their security needs and align security platforms to meet business objectives.

Collaborate with cross-functional teams to deliver strategic security assessments and reviews.

Responsible for daily monitoring of the client’s managed products and operations.

Maintain 100% SLA and compliance on deliveries with quality and process follow-up.

Develop and implement a comprehensive Cloud, IdP, Email Security strategy that aligns with the organization's cloud security goals, industry best practices, and compliance requirements.

Design and implement a framework for Azure identity protection that includes multi-factor authentication, conditional access policies, identity governance, and privileged access management.

Utilize Azure Identity Protection tools and techniques to continuously assess identity-related risks and vulnerabilities. Analyze risk factors and provide guidance on mitigation strategies.

Implement and manage email filtering solutions to identify and block phishing attempts, malicious attachments, and suspicious URLs.

Configure and monitor advanced threat protection mechanisms to detect and neutralize sophisticated email threats, including business email compromise (BEC) attacks.

Collaborate with cross-functional teams to develop and implement effective remediation plans for identified security issues. Provide guidance on best practices and secure configurations.

Participate and/or lead efforts in timely and effective problem analysis/resolution and change implementation in accordance with approved Problem and Change Management disciplines.

Strive for no outages or problems resulting from the installation, maintenance or enhancement of products/tools used to support our customers.

Lead proactive efforts to get underneath any/all process breakages; lead corrective action plans and mechanisms to provide ongoing improvements.

Investigate the root cause of suspicious threats, analyze global threats in the environment, and implement preventive strategies.

Coordinate with auditors on internal and external audits.

Ensure L2 and L3 members complete BAU tasks on time and deliverables are met on a daily basis.

RCA review and presentation.

Ensure proactive monitoring and fixing of identified issues to avoid major tickets (P1/P2).

Participate in and support all MI, Problem Record, and Change Management.

Promote standardization efforts by helping or leading efforts to develop and/or contribute to account documentation, account quality measurements, and account standardized delivery.

Drive increased utilization of automation tools to achieve measurable improved productivity

Solution review & recommendations skills


The key skills required are as follows:

Required

Professional Experience


Minimum of 5+ years of practical and proven experience within the information security (Endpoint Security, Cloud Security, Identity Protection, Network Security, Email Security) field

Strong understanding of infrastructure, Endpoint, cloud, network, email security architectures, solutions, processes, frameworks, and components

Hands-on experience managing and developing security policies, vulnerability management, and governance strategies


Hands-on experience working with


Endpoint Security

Cloud Security Posture Management

Cloud Access Security Broker

Azure Identity protection – Active directory, O365

Microsoft Defender for Identity protection

Active Directory, ADFS, SSO configuration, Azure Identity protection, Identity Management, O365 Identity, Azure MFA

Email Security

Network Security

Understanding of load balancing, geo-redundancy, CDN and VPN technologies.

Preferred

Educational Qualification

Bachelor’s/Master’s Degree

Certifications

Certifications in Azure identity management and protection, cloud security, ITIL, ISO 27001, etc.

  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
  • Certified Information Security Manager (CISM)
  • Microsoft Certified: Security, Compliance, and Identity Fundamentals
  • CrowdStrike Certified Falcon Administrator
  • Azure Security Engineer Associate

Deloitte

Professional Services

New York