Manager - AI SOC
Strategy, Growth, and Transformation | Enterprise Technology Strategy and Transformation
Chicago, Illinois, United States
Position Summary
As a Manager - Cyber Defense and Resilience, you will play a hands-on role in delivering security engineering solutions across client environments, with a focus on modernizing security operations through security information and event management, security orchestration automation and response, detection engineering, telemetry, automation, and artificial intelligence-enabled workflows. In this embedded, client-facing role, you will work directly with client stakeholders to understand operational pain points, design practical solutions, and deploy capabilities in live or near-live environments. You will help translate ambiguous requirements into production-ready workflows, integrations, detections, and automation outcomes.
Recruiting for this role ends on 06/30/2026.
Work you'll do
As a Manager - Cyber Defense and Resilience on the Cyber Defense & Resilience team, you will be responsible for:
- Leading the design and implementation of secure, scalable security operations solutions across security information and event management, security orchestration automation and response, telemetry, case management, and response platforms
- Serving as an embedded engineering lead with client teams to translate operational workflows and requirements into production-ready security capabilities
- Overseeing the deployment of log ingestion, normalization, enrichment, routing, detection, and orchestration workflows using application programming interfaces, connectors, and data pipelines
- Guiding the application of automation and artificial intelligence to security operations use cases such as triage assistance, workflow orchestration, alert summarization, and response recommendations
- Mentoring junior practitioners and contributing reusable engineering assets, accelerators, and implementation patterns that support client delivery and practice growth
A successful candidate would possess these skills:
- Ability to work independently and collaborate as part of a team
- Effective written and verbal communication skills
- Meticulous attention to detail and quality of work product
- Ability to build and sustain professional relationships
- Ability to lead projects or workstreams
- Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
- Strong interpersonal skills and professional demeanor
- Ability to meet deadlines
- Ability to mentor and provide clear guidance to others
The team
Deloitte’s Cyber Defense & Resilience team helps clients defend against advanced threats by improving security operations, detection engineering, monitoring, automation, analytics, and threat intelligence capabilities. The team works with organizations to strengthen operational resilience, manage evolving attack surfaces, and improve readiness, response, and recovery through scalable engineering and transformation solutions.
Qualifications
Required:
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Engineering, or a related field, or equivalent work experience
- 10+ years of experience in security operations, detection engineering, security engineering, or enterprise cyber defense
- Hands-on experience designing, implementing, and optimizing security information and event management, security orchestration automation and response, detection, telemetry, and response workflows across one or more enterprise security platforms
- Experience building and maintaining integrations, automations, and engineering workflows using Python or a similar scripting language
- Experience working directly with clients or internal stakeholders to translate operational requirements into technical solutions
- Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve.
- Limited immigration sponsorship may be available.
Preferred:
- Experience across multiple security platforms such as security information and event management, security orchestration automation and response, extended detection and response, attack surface management, threat intelligence platforms, endpoint detection and response, and case management tools
- Experience with Amazon Web Services, Microsoft Azure, or Google Cloud, including security telemetry and cloud-native security services
- Experience with threat hunting, cyber threat intelligence, or purple team collaboration
- Experience applying artificial intelligence, machine learning, or large language model workflows to security operations, including orchestration, retrieval, evaluation, or human-in-the-loop response patterns
- Experience with frameworks or tools that support artificial intelligence-enabled engineering workflows
- Relevant industry certifications such as Security+, Global Information Assurance Certification Security Essentials, Global Information Assurance Certification Certified Intrusion Analyst, Global Information Assurance Certification Certified Incident Handler, Certified Information Systems Security Professional, Certified Cloud Security Professional, Splunk, cloud security, or related engineering certifications
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is [INSERT WAGE RANGE - MANAGER].
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Deloitte is committed to providing reasonable accommodations for people with disabilities. If you require a reasonable accommodation to participate in the recruiting process, please direct your inquiries to the Global Call Center (GCC) at USTalentCICInbox@deloitte.com.
**Recruiting tips**
From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.
**Our people and culture**
Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ways of thinking, ideas, and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.
Our purpose
Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more.
**Professional development**
From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.
As used in this posting, "Deloitte" means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see [www.deloitte.com/us/about](http://www.deloitte.com/us/about) for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Requisition code: 353038
Job ID 353038