
Security Architect

Security Managed Services Senior Analyst | Full time | Experience: 2-5 years
Job No. ATCI-5316572-S1944663 | Bengaluru | Required Skill: Endpoint Extended Detection and Response
Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Endpoint Extended Detection and Response
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary: experience in cybersecurity with at least 2 years in Ransomware Analysis security. The Halcyon Ransomware Protection is responsible for managing and optimizing the Halcyon anti-ransomware platform across the enterprise. This role focuses on ransomware detection, prevention, isolation, rollback operations, and integration of Halcyon with the existing cybersecurity ecosystem to strengthen organizational resilience against advanced ransomware threats.

Roles & Responsibilities:
- Deploy, configure, and maintain the Halcyon anti-ransomware agent across endpoints and servers.
- Monitor platform health, sensor coverage, and real-time protection status.
- Manage platform configurations, policy updates, signature updates, and agent upgrades.
- Ensure high availability and operational continuity of the Halcyon platform.
- Review Halcyon alerts, detections, and high-risk events for ransomware activity.
- Perform deep analysis on suspicious behaviors using Halcyon threat intel and behavioral telemetry.
- Lead containment actions: isolate systems, kill ransomware processes, and remove malicious artifacts.
- Execute Halcyon rollback and recovery procedures to restore encrypted files and system integrity.
- Work with SOC and IR teams for coordinated incident response.
- Hunt for early indicators of ransomware staging (persistence, privilege escalation, lateral movement).
- Utilize Halcyon's Threat Response Intelligence, behavioral indicators, and AI/ML insights.
- Identify gaps in ransomware defenses and propose improvements.
- Conduct post-incident forensics and malware behavior analysis.
- Design, implement, and tune ransomware protection policies to reduce false positives and enhance detection accuracy.
- Manage application allow/deny lists, behavioral analysis thresholds, and rollback rules.
- Maintain consistent policy governance across regions and business units.
- Integrate Halcyon with SIEM, SOAR, EDR, ITSM, and incident response platforms.
- Create automated playbooks for ransomware alerts, isolation workflows, ticketing, and remediation.
- Leverage APIs for automated deployment, alert enrichment, and reporting.
- Act as the L3 escalation for ransomware-related security events.
- Participate in tabletop exercises, red team/purple team scenarios focused on ransomware readiness.
- Provide guidance to SOC, IT Ops, and Endpoint teams on secure configuration and ransomware resilience.
- Generate reports on: attack attempts, encryption prevention success rates, rollback events, sensor health and coverage, ransomware trends and risk posture.
- Support internal audits, compliance assessments, and customer due-diligence requests.
- Maintain documentation for policies, SOPs, configurations, and incident playbooks.

Professional & Technical Skills:
- Strong hands-on experience with Halcyon Ransomware Protection Platform (mandatory for lead-level roles).
- Expertise in ransomware behavior, attack chain, encryption techniques, and mitigation strategies.
- Experience with EDR/AV tools such as CrowdStrike, Defender ATP, SentinelOne, or Carbon Black.
- Strong understanding of:
  - Windows and Linux internals
  - MITRE ATT&CK (especially T1486, T1489, T1490)
  - Privilege escalation, lateral movement, persistence techniques
- Scripting knowledge (PowerShell or Python) for automation and investigations.
- Familiarity with SIEM/SOAR tools and incident response frameworks (NIST, SANS).
- Vendor-specific EDR/IR certifications

Additional Information:
- The candidate should have minimum 3 years of experience in Endpoint Extended Detection and Response.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Equal Employment Opportunity Statement

All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.

Please read Accenture’s Recruiting and Hiring Statement for more information on how we process your data during the Recruiting and Hiring process.

We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.

We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.

At Accenture, we see well-being holistically, supporting our people’s physical, mental, and financial health. We also provide opportunities to keep skills relevant through certifications, learning, and diverse work experiences. We’re proud to be consistently recognized as one of the World’s Best Workplaces™.

Join Accenture to work at the heart of change. Visit us at www.accenture.com.

We have been alerted to the existence of fraudulent messages asking job seekers to set up payment to cover various costs associated with establishing employment at Accenture. No one is ever required to pay for employment at Accenture. If you are contacted by someone asking for payment, please do not respond, and contact us at india.fc.check@accenture.com immediately.

Discover where this job fits at Accenture

Cybersecurity jobs: Outsmart threats

Use your expertise and start-up mentality to help clients build secure, resilient businesses in a complex and ever-changing threat landscape, addressing the growing careers in cybersecurity.
