This role supports the integration of network monitoring technologies across Operational Technology (OT), Industrial Control Systems (ICS), and enterprise network environments, including on-premises and cloud infrastructure. The Cloud Integrated Infrastructure Engineer III will help deploy and troubleshoot monitoring devices, analyze network and endpoint activity, and support cyber defense operations in complex client environments. This role also offers exposure to Security Operations Center (SOC) functions, including monitoring, investigation, and threat analysis.

Work you'll do

As a Cloud Integrated Infrastructure Engineer III on the Hybrid Cloud Infrastructure team, you will be responsible for...
• Design, deploy, configure, and maintain network monitoring devices in Operational Technology (OT) environments
• Troubleshoot network connectivity, traffic visibility, sensor integration, and device installation issues across enterprise and OT networks
• Update and create network diagrams using existing documentation, network traffic analysis, and physical review of equipment
• Support vulnerability management and security assessments using Security Technical Implementation Guides (STIGs) and National Institute of Standards and Technology (NIST) security controls
• Analyze network traffic, system logs, and security alerts to support monitoring, incident response, malware analysis, and threat hunting activities

A successful candidate would possess these skills:
• Ability to work independently and collaborate as part of a team
• Effective written and verbal communication skills
• Meticulous attention to detail and quality of work product
• Ability to build and sustain professional relationships
• Ability to lead projects or workstreams
• Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
• Strong interpersonal skills and professional demeanor
• Ability to meet deadlines
• Ability to provide clear guidance to others

Qualifications

Required:
• Bachelor's degree or equivalent experience

3+ years of experience in network engineering, systems integration, or security operations that includes installation and troubleshooting of network monitoring devices
• Active Secret security clearance
• Ability to work onsite in Dahlgren, Virginia 100% of the time
• Experience configuring routing and switching technologies and deploying network sensors using virtual local area networks (VLANs), trunking, TAPs, SPANs, routing protocols, access control lists (ACLs), and network segmentation, including packet loss analysis, visibility limitations, and detection coverage validation
• Experience supporting vulnerability management or security assessments using Security Technical Implementation Guides (STIGs) and National Institute of Standards and Technology (NIST) security controls, and analyzing network traffic, packet captures, or system logs in support of security investigations
• Ability to travel 20%, on average, based on the work you do and the clients and industries/sectors you serve.
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Preferred:
• Experience with security information and event management (SIEM) platforms such as Elastic SIEM, Splunk, or Cribl
• Experience with network analysis tools such as Wireshark, Suricata, or Zeek
• Experience with Operational Technology (OT) or Industrial Control Systems (ICS), including programmable logic controllers (PLCs), human-machine interfaces (HMIs), or historians
• Experience with security or infrastructure tools such as Dragos, Nessus, CrowdStrike, Endgame, Gray Noise, or Shodan
• Experience with industrial or network protocols such as Transmission Control Protocol/Internet Protocol (TCP/IP), Internet Control Message Protocol (ICMP), Hypertext Transfer Protocol Secure (HTTPS), Domain Name System (DNS), Secure Shell (SSH), Server Message Block (SMB), BACnet, Modbus, or Supervisory Control and Data Acquisition (SCADA)
• One or more of the following certifications: Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), Cisco Certified Network Associate (CCNA), CompTIA Network+, Palo Alto Networks Certified Network Security Administrator (PCNSA), Palo Alto Networks Certified Network Security Engineer (PCNSE), AWS Advanced Networking Specialty, Offensive Security Certified Professional (OSCP), GIAC Response and Industrial Defense (GRID), CERT Certified Computer Security Incident Handler, GIAC Certified Forensic Analyst (GCFA), GIAC Information Security Fundamentals (GISF), or Certified Information Systems Security Professional (CISSP)

For individuals assigned and/or hired to work in Virginia, Deloitte is required by law to include a reasonable estimate of the compensation range for this role. This compensation range is specific to Virginia and takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $113,000 to $188,400.

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.