WHO ARE WE?

Accenture is a global professional services company with leading capabilities in digital, cloud and security. Find out more about us at www.accenture.com.

DESCRIPTION

Take your career to the next level, by joining our passionate Security team and work on challenging projects that have immediate business impact.
About Accenture Managed Detection & Response with Sovereign delivery capability
Organizations around the world rely on Accenture’s MDR to build and maintain resilient incident management programs. We offer both global reach and local presence, with the scale to support even the largest enterprises and government agencies.

Every week, Accenture’s SOC:

• Analyze over 125 billion log entries
• Identify over 62,000 potential security events
• Escalate over 11,000 validated security incidents

Work as part of a world class customer focused team, protecting customers from threats through analysis of log data, providing clear, detailed and timely alerts that can be acted on. The Security Analysis team delivers real time security monitoring and alerting, analysing logs from over 450 supported device types, while adhering to strict service-level agreements. We are the front line in protecting our customers.

QUALIFICATIONS

• 
  
  
  
• Excellent customer service and interpersonal skills.

• Passion for cyber security, learning, and knowledge sharing.
• Experience in an operational environment, with customer-facing responsibilities.
• Previous experience in an information/cyber security role – ideally focused on intrusion detection/security monitoring and analysis.
• An excellent understanding of the cyber security threat landscape, including detailed technical knowledge about the most prevalent vulnerabilities, threats, attack methods, and infection vectors.
• An excellent understanding of computer networking, including a detailed understanding of TCP/IP and other core Internet protocols.
• An excellent understanding of computer and network security.
• Excellent technical and troubleshooting skills with the ability to be dynamic and adapt in order to solve complex technical issues with customers and partners.
• The ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
• Experience retrieving information and generating reports using KQL for Sentinel, UDM search query for Google Secops or SPL for Splunk.
• Experience using python to automate basic analysis tasks.
• Experience with any SIEM products such as: Microsoft Sentinel (highly preferred), Google SecOps and Splunk.
• Experience with one or more of the following EDR products would be preferred: Crowdstrike, Microsoft Defender, Carbon Black.
• One or more of the following certifications would be desirable: SANS GCIA, SANS GCFA, SANS GCFE, OSCP.

• 
  
  
  
• Investigate attacks against customer networks.

• Monitor and analyze log data, network traffic and/or alerts generated by a variety of security technologies in real-time; escalate and explain validated security incidents to customers.
• Write up security incident reports detailing the threat, its characteristics, and possible remediation activities.
• Research new threats and ensure appropriate detection capabilities are in place to identify and respond to these threats.
• Routinely review security incidents and other customer deliverables for adherence to the established procedures and guidelines. Document, rectify, and provide feedback to other analysts as necessary.
• Ensure the quality and timeliness of the security incident detection and classification service.
• Ensure standards and procedures are adhered to within defined SLA’s.
• Articulate security issues to customers, both verbally and written.
• Identify opportunities for process improvement.
• Manage and track customer issues and requests.
• Support other teams as needed.
• Train Associate Security Analysts and Security Analysts.
• Support SOC tour as required.
• Train Associate Security Analysts and Security Analysts.
• Support SOC tour as required.
• Build automated response process using the soar tool
• Create playbook to guide incident handling.