Job Specs Job Name: NSE Senior Security Analyst
Location: Bologna, Milano, Napoli, Roma, Torino, Treviso
Business: CYBER RISK
Seniority: Experienced
Legal Entity: RISK ADVISORY What impact will you make?
The Security Analyst is a member of the NSE Cyber Incident Response team and is responsible for providing Cyber Incident response expertise across North South Europe (NSE) at Deloitte.
Reporting to the NSE Head of Cyber Incident Response, the role provides support for a range of operational security activities including incident analysis, remediation support, and detailed investigations at Deloitte.

Key Responsibilities: Leads in preparation of internal communications.
Maintains chain of custody of incident evidence.




Drives recommendations to resolve incidents and/or reduce the impact of incidents, to bypass and/or prevent future similar incidents.
Responsible for the overall management of the NSE IR Ticket queue, handling and resolving Incident Tickets as required.
SME for technical services needed for cyber incident response investigations including containment, eradication, and remediation activities.
Leads with assessing the scope of incident damage.
Determines incident severity.
Maintains documentation throughout a cyber incident.
Drafts post-incident reports to senior leadership to convey impact, origin, root cause, and remediation.
Provides direct guidance and oversight to Service Management during an Incident Response as required.
How do you do this?
Recommended minimum of 5 years of combined experience in Information Security/Cybersecurity including either Operational Security (SOC) or Cyber Incident Response experience.

Demonstrated understanding of the incident lifecycle and security operations, working knowledge of triage and analysis tools, and a strong understanding of cybersecurity threats.

Demonstrated understanding of incident response casework,



including maintaining case information, chain of custody reporting, and full documentation of issues from identification through remediation.

Proven track record and experience in a highly complex and global organization.

Excellent problem-solving and troubleshooting skills with experience exercising mature judgment.

Excellent teamwork and interpersonal skills.

Relevant professional security management certification is desirable but not a requirement for the role.

Personal Strengths: Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate highly complex cybersecurity topics and concepts to technical and non-technical audiences at various hierarchical levels.

Possess strong organizational skills to facilitate management and tracking of large numbers of incidents, events, and associated tasks.

Ability to adapt, operate, and lead in a high-tempo, dynamic, and potentially high-pressure environment.





Strong operational knowledge of a number of preventive and detective security controls (knowledge of ALL these areas is NOT required), e.g.
firewalls, advanced endpoint solutions, Data Loss Prevention (DLP), web security solutions, email gateways, Security Information and Event Management (SIEM).

Good knowledge of a number of general IT technologies and concepts (knowledge of ALL these areas is NOT required), e.g.
routers, switches, messaging systems, server operating systems (Windows, Linux), desktop and mobile operating systems (Windows, macOS, iOS), cloud services and architecture, vulnerability management.

Desirable: Understanding of Cloud computing and incident response in a Cloud-based environment.

Ability to quickly analyze large amounts of information and formulate action plans based on that analysis.

Where: Any of the NSE Countries
#J-18808-Ljbffr