Cyber Incident Response Specialist

Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent and innovation led company with 738,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology with unmatched industry experience, functional expertise and global delivery capability. We are uniquely able to deliver tangible outcomes because of our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Accenture Song. Visit us at www.accenture.com

Act as the first responder for cyber-security incidents identified through different channels, Human Resources, Employee Relations, Corporate Investigations, ASOC, Infrastructure CIRT, and client escalations.

Investigate cases such as, but not limited to:
•    Acceptable Use Policy / Code of Business Ethics Violation
•    Malware
•    Fraud, Intellectual Property Theft, Industrial Espionage
•    Cyber Attack / Hacking / APT / Security Breaches
•    Mobile Devices

Execute documented processes within all activities of the CIRT playbook and security incident response lifecycle. Escalate security events, depending on determined crisis levels, to management in accordance with the incident response plan

Collect, preserve and process volatile information and evidences needed to conduct highly-confidential forensic investigations. Investigation of digital evidences may include: 
•    Storage media (i.e. hard drives, optical and flash media)
•    Electronic data (i.e. electronic files, pictures, web data, technology device logs)
•    Mobile devices (i.e. mobile phones, tablets)
•    Volatile media (i.e. workstation memory)

Ensures forensic investigation and incident response procedures comply with standard operating procedures, processes, policies, guidelines, and forensics best practices. 

Examine and analyze security events or incidents, and investigate significant issues, related to technology infrastructure. Employ technical, investigative and analytical skills to solve a wide range of complex issues or problems. 

Coordinate and resolve, or provide recommendations as necessary, containment and remediation steps, until security incident closure.

Produce detailed written reports outlining the circumstances around the incident, present forensic evidences to a non-technical audience and provide further input as expert opinion. Present and communicate investigation results and relevant findings, for administrative or legal purpose, to internal stakeholders, senior management, auditors or clients, and testify in court as an expert witness, as necessary.

Participate in the improvement and development of forensic methodologies, process/procedure manuals and documentation.
Periodically make recommendations that aid in the successful completion of highly complex and technical projects within a process, control or functional area.

Complete varied complex and non-standard tasks in an assigned area of responsibility.

Provide eDiscovery and litigation support to identify, preserve, collect, process, review and produce electronically stored information (ESI) for litigation purposes.

Mentor and provide guidance to incident response staff on security best practices, processes, procedures and countermeasures.