Job details
Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
Recruiting for this role ends on May 31, 2026.
Work You'll Do
The Data Platform Engineer is responsible for hands-on administration and support of security data platforms (e.g., Splunk and security data lakes). This role ensures stable data flows, integration, and platform operations to maintain a resilient, scalable security analytics capability supporting monitoring, incident response, threat analysis, and compliance reporting.
Key Responsibilities:
The Team
Deloitte's Government & Public Services (GPS) practice - our people, ideas, technology and outcomes - is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.
Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. Helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions.
The Project Delivery Talent Model is designed for professionals with specialized skills that align to a current client need. Team members focus on delivering services to clients, without additional expectations related to business development or promotion. Their employment is tied to their role on a project, and they are eligible for a benefits package that is competitive for project delivery-focused professionals.
Qualifications
Required:
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $88,600 to $163,100.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
Recruiting for this role ends on May 31, 2026.
Work You'll Do
The Data Platform Engineer is responsible for hands-on administration and support of security data platforms (e.g., Splunk and security data lakes). This role ensures stable data flows, integration, and platform operations to maintain a resilient, scalable security analytics capability supporting monitoring, incident response, threat analysis, and compliance reporting.
Key Responsibilities:
- Administer and maintain enterprise security data platforms to ensure availability, performance, and reliability.
- Support event ingestion onboarding and sustainment using multiple methods (e.g., syslog, DBX, and Splunk Technical Add-ons (TAs)).
- Install, upgrade, patch, and troubleshoot Enterprise Log Manager (ELM) and Security Information and Event Management (SIEM) components and supporting infrastructure.
- Support Splunk platform capabilities and apps as applicable (e.g., Splunk Enterprise Security (ES), User Behavior Analytics (UBA), and Splunk Core/Enterprise).
- Configure, tune, and maintain parsing and normalization so data aligns to the Splunk Common Information Model (CIM).
- Create and maintain custom TAs to standardize data onboarding and improve analytics outcomes.
- Perform routine monitoring, health checks, and maintenance; troubleshoot ingestion, parsing, and platform issues.
- Partner with security operations and engineering teams to optimize telemetry for detection, response, and operational/compliance reporting.
- Produce and maintain runbooks, SOPs, and technical documentation; contribute to continuous process improvement.
The Team
Deloitte's Government & Public Services (GPS) practice - our people, ideas, technology and outcomes - is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.
Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. Helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions.
The Project Delivery Talent Model is designed for professionals with specialized skills that align to a current client need. Team members focus on delivering services to clients, without additional expectations related to business development or promotion. Their employment is tied to their role on a project, and they are eligible for a benefits package that is competitive for project delivery-focused professionals.
Qualifications
Required:
- Bachelor's degree or equivalent relevant work experience.
- Ability to obtain Public Trust clearance
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
- Ability to travel 25%, on average, based on the work you do and the clients and industries/sectors you serve
- 4+ years of experience supporting enterprise data platforms.
- 4 + years of hands-on experience installing, updating, and maintaining ELM/SIEM solutions and supporting technologies, including:
- Splunk (e.g., ES, UBA, Core/Enterprise)
- Cribl (or comparable data pipeline tooling)
- Red Hat (or similar Linux OS)
- VMware environments
- Demonstrated experience configuring and maintaining event ingestion methods (e.g., syslog, DBX, TA software).
- Proven ability to create and maintain custom TAs to parse data into Splunk CIM format.
- Experience troubleshooting, monitoring, and performing routine maintenance of data systems.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $88,600 to $163,100.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
