Consultant — SecOps / AI FDE (Forward Deployed Engineer)

Consultant - SecOps / AI Engineer (Forward Deployed Engineer)

Our Deloitte Cyber team

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions that help clients navigate the ever-changing threat landscape. Through managed services, engineering, and cyber transformation capabilities that simplify complexity, we enable clients to operate with resilience, grow with confidence, and proactively manage cyber risk.

The team

Our Cyber Defense & Resilience offering helps clients defend against advanced threats by transforming security operations, monitoring technology, detection engineering, automation, data analytics, and threat intelligence. We help manage and protect dynamic attack surfaces while improving readiness, response, and recovery across the cyber lifecycle.

Position Summary

Consultant - SecOps / AI Engineer (Forward Deployed Engineer), you will play a critical hands-on role in delivering high-impact security engineering solutions across multiple client environments. This is a client-facing, embedded engineering role for someone who can work directly with client stakeholders, understand operational pain points, and rapidly design, build, and deploy solutions in live or near-live environments.

You will help clients modernize security operations by designing and implementing SIEM, SOAR, detection engineering, security telemetry, automation, and AI-enabled workflows across a range of security platforms and cloud environments. You will combine strong security engineering fundamentals with practical AI/automation skills to improve analyst efficiency, alert fidelity, response speed, and operational scalability.

As a Forward Deployed Engineer, you will serve as the bridge between client needs and technical execution - translating ambiguous requirements into production-ready workflows, integrations, detections, and automation solutions. You will work side by side with SOC teams, threat detection engineers, architects, and client leaders to deliver measurable operational outcomes.

Recruiting for this role ends on 5/31/2026

Key Responsibilities

Design and implement secure, scalable, and resilient security operations solutions across SIEM, SOAR, telemetry, case management, and response platforms in alignment with enterprise security policies and regulatory requirements.

Serve as a Forward Deployed Engineer, embedding with client teams to understand operational workflows, rapidly prototype solutions, and productionize capabilities in client environments.

Lead end-to-end deployment of log ingestion, normalization, enrichment, and routing pipelines using APIs, connectors, data pipelines, and event streaming technologies.

Collaborate with SOC analysts, threat hunters, and detection engineers to prioritize, develop, test, and tune threat detection content aligned to adversary behaviors and enterprise risk.

Translate SOC processes into automation playbooks and orchestration workflows to reduce alert fatigue, improve analyst productivity, and accelerate response.

Design and develop integrations between third-party enterprise systems and security platforms to support automated ingestion, enrichment, triage, investigation, and response.

Build and optimize case management and analyst workflow solutions that improve investigation quality, consistency, and operational metrics.

Apply AI and automation engineering techniques to enhance SecOps use cases such as triage assistance, alert summarization, knowledge retrieval, workflow orchestration, analyst copilots, and response recommendations.

Help define guardrails, testing approaches, and evaluation criteria for AI-enabled security workflows to ensure they are secure, reliable, and operationally useful.

Mentor junior practitioners in security engineering, automation development, and modern SecOps practices.

Stay current on cyber threats, attack techniques, detection strategies, AI engineering trends, and regulatory/compliance developments to continuously improve client security posture.

Contribute to reusable engineering assets, accelerators, implementation patterns, and internal eminence.

Required Qualifications

Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Engineering, or related field, or equivalent work experience.

1-5 years of experience in security operations, detection engineering, security engineering, or enterprise cyber defense.

Hands-on experience designing, implementing, and optimizing SIEM, SOAR, detection, telemetry, and response workflows across one or more enterprise security platforms.

Experience building and maintaining integrations, automations, and engineering workflows using Python or similar scripting languages.

Strong understanding of security operations concepts, including alerting, detection logic, incident triage, investigation, response, and case management.

Strong knowledge of security frameworks and