Cyber Security Metrics and Analytics – Analyst

Deloitte - Hermitage, TN4.0

Full-timeEstimated: $110,000 - $150,000 a year
Deloitte Services LP includes internal support areas such as Marketing and Communications, Human Resources/Talent, Information Technology, Facilities Management, and Financial Support Services.

Cyber Security Metrics and Analytics – Analyst
Location: Hermitage/Nashville, TN

Work you’ll do
The US Deloitte ITS Cybersecurity function is responsible for the firm’s overall objectives of enhancing data protection, standardizing and securing critical infrastructure and gaining cyber visibility through security operations center (SOC) and Fusion centers (FC).

The US Cyber Security Metrics and Analytics – Analyst will report to Global Metrics and Analytics Manager and will interact mainly with members of the SOC and Fusion Center Service teams and other teams such as IDS team, Incident Response, Vulnerability Management, Patch management etc. and various levels of leadership to support the Metrics Reporting and Analytics capabilities of the organization and provide effective services to its subscribers.

The role focuses on the design, development, and contextualization of metrics for the Security Operations Center (SOC) and Fusion Center (FC). The aim of this role is to continuously improve Metrics and Analytics program to provide actionable insights to the leadership. Also, to support his/her Global team.

Duties and Responsibilities:
Support and guide Global Cyber Security Metrics & Analytics Manager in the collection, measurement and analysis of key data related Cyber Security metrics, KPIs and KRIs and do reporting that is timely, accurate, consistent, complete and relevant for providing comprehensive information for strategic Cyber Security management decisions.
Provide guidance and support to the team to analyze Cyber Security metric performance data to produce weekly, monthly, quarterly and annual performance reports, and ad hoc reports as requested, in a concise and consistent manner, soliciting input from a number of sources both internal and external to the business unit.
Support and guide the team in the development of dashboard front-end reporting capability for executive reporting that provides critical Cyber Security metric trending and forecasting information, summarized as appropriate for executive-level consumption.
Provide support to the SOC Managers and IR Manager to lead and support the team in the delivery of exceptional customer service that builds trust through responsive, accurate, consistent, knowledgeable and available services and support.
Through in-depth knowledge of Cyber Security Metrics trends/results, provide support to the SOC and IR teams in the early identification of potential risks/impacts that may become apparent through inference, patterns and analysis of Cyber Security metric data, and make recommendations or escalate to management, as per established SOP’s and reporting guidelines.
Play key role in supporting the development of capability to provide current cyber security metric inputs that may be required for regulatory reporting and audit queries.
Take ownership role for the establishment of a current and up-to-date Information Security metrics baseline.
Review all incidents against the daily/weekly metrics to determine if the IR Tracking tools and SIEM are losing effectiveness and to determine if there are needs to modify the tools, algorithms, or workflows.
Based upon the metrics collected the analyst prepares the monthly Cyber readiness report for submission.
Provides a weekly, monthly, and quarterly metrics/ trend analysis reports to various levels of leadership based upon the trends observed over the review period.
Identify opportunities to automate and simplify data reporting and collection.
Creation and delivery of weekly/monthly/quarterly reports.
Actively seek to improve and develop new KPI’s/KRI’s based upon observed and measured SOC activity. Interact daily with the management, Incident Response, and SOC team to understand metric needs for tuning and development.

The Team

Information Technology Services (ITS) helps power Deloitte’s success. ITS is the engine that helps to drive Deloitte, which serves many of the world’s largest organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.

The ~2,200 professionals in ITS deliver services internally including:
Cyber security
Technology support
Technology & Infrastructure
Application development and management
Relationship management group

For more information on ITS, you can visit our dedicated recruitment page at

Cyber Security
The Cyber Security team is responsible for vigilantly protecting Deloitte and client data. The team is responsible for a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.

Areas of focus include:
Cyber design
Risk & Compliance
Technology Risk Management
Identity & Access Management
Data Protection
Incident Response and Architecture