Cyber - Lead Analyst Incident Response

Deloitte
Madrid · On-site · Competitive · Posted 1 month ago · Internship
🇬🇧 English required

Original posting

Can you imagine taking part in the transformation of leading national and international organizations?

At Deloitte, we are committed to making an impact on society, our clients, and our people.

Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.

Global Cyber Incident Response (GCIR) seeks a hands-on cybersecurity manager to lead analysts supporting global incident response. Reporting to the Senior Manager, this role drives execution, strengthens investigative quality, and improves the processes and tooling that enable fast, reliable outcomes.

The ideal candidate is an inspiring people leader who cultivates a high-performance culture rooted in technical excellence, continuous learning, and professional growth.

Key Responsibilities:

  • Lead, coach, and develop incident analysts; set priorities and ensure consistent delivery quality.
  • Run surge operations and guide complex investigations; review and elevate analyst findings and reporting.
  • Design, architect, and continuously improve the team's automated malware analysis platform, encompassing sample ingestion, sandbox orchestration, artifact extraction, IOC enrichment, and structured reporting.
  • Own and improve automated malware analysis (ingestion, detonation, artifact extraction, IOC enrichment, reporting).
  • Define the technical roadmap and ensure secure, scalable, highly available analysis environments.
  • Lead Windows-focused forensics and rapid triage to determine scope, root cause, and attacker tradecraft.
  • Deliver clear timelines and recommendations; maintain playbooks and continuous-improvement loops.
  • Partner with purple/red teams to validate controls, improve detection coverage, and operationalize learnings.
  • Own operational metrics and hiring/onboarding to sustain capability and throughput.

Qualifications

Required:

  • Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or a related technical field
  • IR profile with a focus on technical expertise
  • 5+ years of cybersecurity experience managing or leading technical staff
  • Profile with Malware Focus:
    • Working expertise with IDA Pro, Ghidra, x64dbg, WinDbg, and at least one automated sandbox platform (Cuckoo, Joe Sandbox, ANY.RUN)
    • Solid Python skills for analysis scripting
    • Hands-on experience designing, building, and maintaining serverless workflows using AWS Lambda, Step Functions (state machines), EventBridge, S3 event triggers, and SQS/SNS for malware processing pipelines
    • Comfort with Git workflows, CI/CD pipelines, Docker, and automated testing and deployment practices
  • Profile with Forensic / Purple Team Focus:
    • Performing end-to-end forensic investigations on Windows
    • Conducting in-depth analysis of logs, disks, network logs and system artifacts to reconstruct attacker activity and identify root cause
    • Advanced detection engineering and telemetry strategy, including SIEM/SOAR (Splunk, Sentinel, Elastic, etc.) and expert use of the KQL and SPL query languages
    • Solid understanding of APT TTPs and the MITRE ATT&CK framework; designing and executing complex ATT&CK-aligned detection validation programs and adversary simulations
    • Experience producing threat intelligence reports for both technical and non-technical audiences

Preferred Qualifications

  • Master's degree in a relevant field
  • GREM, CISSP, GCIH, or GCFA certification
  • Experience with ARM or mobile malware analysis
  • Experience in digital forensics (disk, memory, or network forensics)
  • Mastery of investigative tooling such as Magnet AXIOM, X-Ways, EnCase, FTK, etc.
  • Previous consulting or professional services experience
  • AWS certifications (Solutions Architect Associate, Developer Associate, or Security Specialty)

What is it like to work at Deloitte?

High-impact projects offering long-term growth and continuous learning opportunities.

☯️ Hybrid and flexible working model, with flexible hours and a healthy balance between remote work and collaboration in our offices or at client sites.

A positive and collaborative work environment, with team-building activities, cultural and sports events throughout the year.

Holistic wellbeing, supported by our physical, mental, and financial health programs, including on-site medical services.

Social impact, with access to a wide range of national and international volunteering initiatives and pro bono projects where you can contribute your time and talent.

A strong feedback culture and continuous learning, within an inclusive environment that promotes equal opportunities and personalized development plans. You may even see yourself at Deloitte University in Paris.

Exclusive benefits, including a comprehensive benefits portfolio and a flexible compensation plan.

Next steps:

If what you have read resonates with you, here is what comes next:

  • Apply to the position by clicking " and completing your profile.
  • If your experience matches the role, our Talent team will contact you to get to know you better.

Start your journey with Deloitte. We will guide you through each stage of the process until your onboarding.

Application managed by Deloitte