Security Operations Architect


Security Operations Architect (Sydney)

Flexibility, opportunity and incredible experiences reward the hard work required to succeed at Deloitte. We support our talented people in achieving their career goals and collectively celebrate success.

About our team
Risk Advisory helps our clients identify, manage and elevate their preparedness for risk, driving the risk agenda across key areas of the Australian economy.

We work with our clients to offer insights and perspective on pivotal issues that impact risk across information technology, fraud protection, bribery and corruption, workplace health and safety, business continuity management, security and resilience, project risk, analytics, contract risk, major capital projects and more.

Our Cyber Intelligence Centre (CIC), a 24x7 threat intelligence service that monitors and responds to cyber threats, is proactively helping organisations protect their network, systems, applications, information and reputation in real-time. The Sydney CIC is part of a global network of Deloitte Centres of Excellence (CoE) and Delivery Centres.

About the Role

This position forms a key role in the Australian CIC based in Sydney. With service expansion and growth we are looking for experienced security professionals across a range of information security disciplines.

As part of the CIC engineering team, you will be responsible for the architecture, implementation, continuous improvement and day-to-day management of our CIC toolset and managed security solutions for our clients. This role will be focused on the development of security tools and platforms used by the CIC threat analyst team in day-to-day monitoring and response activities.

We’re looking for a candidate with security engineering as a primary skill set, as you will be involved in the design, implementation and management of key security platforms including SIEM, cyber analytics, vulnerability management, Endpoint Detection & Response (EDR), cloud security, threat intel sharing platforms, and automation and orchestration capabilities. In addition, you may also have opportunities to work with static code analysis, DLP/CASB and identity management solutions.

We’re looking for someone with strong analytical and problem-solving skills who can deliver effective solutions in a timely manner. Ideally the candidate will have previous hands-on experience working in SOC engineering roles or on other operational engagements. The candidate has to be keen to proactively take on business problems and develop technical solutions.

About your experience

  • Previous experience in SOC or operational engineering roles
  • A strong understanding of security event investigation, incident management and SOC operating models
  • Working knowledge of common business IT systems and experience securing common business platforms
  • Experience with SIEM platforms such as ArcSight or Splunk, or data search and indexing solutions like ELK
  • Experience integrating business systems with a SIEM platform
  • Experience with security orchestration, automation and response solutions such as Demisto or Phantom
  • Experience building solutions hosted in cloud environments such as AWS or Azure
  • Technical experience in general information security practices, TCP/IP networking and routing fundamentals, Unix/Linux system administration, network troubleshooting, and intrusion detection/prevention

In addition to this, the following skills would be considered highly desirable:

  • Experience as a data scientist
  • Experience building analytics models to detect cyber threats
  • Experience with endpoint and network security solutions
  • Experience in a DevOps environment
  • Scripting skills
  • Appropriate professional certifications such as CISSP, CISM, CEH, GCIH or GCIA, and vendor technology certifications like CCNP
  • Excellent written and verbal communication skills
  • A willingness to take on new challenges, gain new skills and work collaboratively in a dynamic and rapidly growing team
  • Advanced scripting (Python, JS) skills
  • Malware reverse engineering


Next steps

If you're interested in this role, please 'apply now'. If you require more information you can contact Nazneen Harris on

