Cyber Security Metrics Analyst - Security Operations Center

Deloitte Services LP includes internal support areas such as Marketing and Communications, Human Resources/Talent, Information Technology, Facilities Management, and Financial Support Services.

Cyber Security Metrics Analyst - Security Operations Center (2 positions)

Location – Hermitage/Nashville, TN preferred but not required. Open to other locations.

Role and Responsibilities

The Cyber Security Metrics Analyst will interact with members of the IDS team, incident response, vulnerability management, Threat Intel, patch management, various levels of leadership, and SOC analyst teams to support the capabilities of the organization and provide effective services to its subscribers.

Key Responsibilities

Metrics and Data Analysis

  • Support and guide business and technical stakeholders in the collection and analysis of key data related Cyber Security metrics, Internal measures KPIs and KRIs reporting that is timely, accurate, consistent, complete and relevant for the purpose of providing comprehensive information for strategic Cyber Security management decisions.
  • Provide guidance and support to the team to analyze Cyber Security metric performance data to produce weekly, monthly, quarterly and annual performance reports, and ad hoc reports as requested, in a concise and consistent manner, soliciting input from a number of sources both internal and external to the business unit
  • Support and guide the team in the development of dashboard front-end reporting capability for executive reporting that provides critical Cyber Security metric trending and forecasting information, summarized as appropriate for executive-level consumption
  • Provide support to the SOC Manager and IR Manager to lead and support the team in the delivery of exceptional customer service that builds trust through responsive, accurate, consistent, knowledgeable and available services and support.
  • Through in-depth knowledge of Cyber Security Metrics trends/results, provide support to the SOC and IR team in the early identification of potential risks/impacts that may become apparent through inference, patterns and analysis of Cyber Security metric data, and make recommendations or escalate to management, as per established SOP's and reporting guidelines.
  • Play key role in supporting the development of capability to provide current cyber security metric inputs that may be required for regulatory reporting and audit queries.
  • Take ownership role for the establishment of a current and up-to-date Information Security metrics baseline.
  • Review all incidents against the daily/weekly metrics to determine if the IR Tracking tools and SIEM are losing effectiveness and to determine if there are needs to modify the tools, algorithms, or workflows.
  • Based upon the metrics collected the analyst prepares the monthly Cyber readiness report for submission.
  • Provides a weekly, monthly, and quarterly metrics/ trend analysis reports to various levels of leadership based upon the trends observed over the review period.

Documentation and Reporting

  • Creation and delivery of weekly/monthly/quarterly reports.

Content Provider

  • Actively seek to improve and develop new KPI's/KRI's based upon observed and measured SOC activity. Interact daily with the management, Incident Response, and SOC analyst team to better understand metric needs for tuning and development.


  • Less than 50%

Desired Skills & Experience

  • Bachelor's degree in Computer Science or Business Administration, or relevant educational or professional experience.
  • 4+ years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, log analysis, intrusion detection
  • Experience in IT Business operations metric reporting will be an added bonus
  • Working knowledge and understanding of Cyber Security key performance indicators (KPIs) and key risk indicators (KRIs)
  • Good knowledge of Information Security processes, procedures and controls.
  • Good understanding of Information Security risk and regulatory requirements.
  • Solid understanding of Information Security management reporting processes.
  • Good understanding of industry practices and metric reporting fundamentals.
  • The candidate is familiar with multiple standards and frameworks, including NIST Cyber Security Framework (CSF), ISO 27001 and 27002, Payment Card Industry (PCI) Data Security Standard (DSS), etc.
  • 2+ years' experience in supervising/managing and leading teams to success
  • 2+ years' experience in managing projects and using project management skills
  • Experience in interfacing at multiple levels of client management and building relationships
  • Ability to provide subject matter expertise in designing and enhancing the IT risk/security metrics program will be a bonus
  • Excellent interpersonal and organizational skills
  • Excellent oral and written communication skills
  • Experience with incident/event correlation tools such as ArcSight and Splunk
  • Experience with IR Tracking tools such as IBM Resilient, Swimlane, Archer, or Service Now.
  • Self-motivated to improve knowledge and skills
  • Detail oriented
  • A strong desire to understand the what as well as the why and the how of security incidents
  • Works well both in a team environment and independently
  • A desire to lead a team and assist and mentor others

Requisition code: E18NATSASCNM009-ITL4

See Inside the Office of Deloitte

One of the largest professional services organizations in the U.S., Deloitte delivers innovative solutions to the complex business problems facing companies around the world. Deloitte offers rewarding careers in four businesses—audit, tax, consulting, and financial advisory. Widely recognized for its inclusion initiatives, Deloitte is committed to building a workplace environment that allows people from all generations, ethnicities, and cultures to be their authentic selves.

Back to top