Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Threat Hunting, DFIR
Good to have skills : NA
Minimum 7.5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary:
As part of the Cyber Resilience team, we are seeking a highly skilled Incident Response Consultant / DFIR Specialist to support the identification, investigation, containment, and remediation of cyber security incidents. This role is ideal for professionals with hands-on experience in digital forensics, malware analysis, ransomware response, threat hunting, and breach investigation.
The candidate will work closely with internal teams, clients, and stakeholders to manage active incidents, perform forensic analysis, and recommend remediation strategies to strengthen cyber resilience.
Roles & Responsibilities:
Lead and support cyber incident response investigations across endpoints, servers, cloud, and network environments
Perform triage, containment, eradication, and recovery activities during active incidents
Investigate ransomware, phishing, business email compromise, insider threats, malware infections, and data breaches
Conduct host-based and network-based forensic analysis
Analyze logs, alerts, and endpoint telemetry to determine attack scope, root cause, and impact
Identify indicators of compromise (IOCs), attacker techniques, and persistence mechanisms
Support malware analysis and suspicious file investigation
Prepare clear, accurate, and timely incident reports, executive summaries, and technical findings
Coordinate with stakeholders during high-pressure response situations
Recommend security improvements based on lessons learned from incidents
Participate in tabletop exercises, threat-led assessments, and readiness activities
Providing support for threat intelligence interpretation, alert investigation, and incident readiness planning
Professional & Technical Skills:
Experience in Incident Response, DFIR, SOC, Threat Hunting, or Cyber Security Operations
Strong understanding of incident handling lifecycle
Hands-on experience with Windows, Linux, and macOS investigation
Experience with log analysis, SIEM, EDR, and endpoint investigation tools.
Familiarity with one or more tools such as: Splunk, Microsoft Defender, CrowdStrike, Velociraptor, EnCase, FTK, X-Ways, Wireshark
Ability to write professional technical reports and communicate findings to both technical and non-technical audiences
Preferred Qualifications
Experience handling enterprise-scale cyber incidents
Exposure to malware analysis and threat intelligence
Experience in cloud incident response across AWS, Azure, or GCP
Knowledge of MITRE ATT&CK and forensic methodologies
Experience with tabletop exercises, red team coordination, or breach readiness programs.
Relevant certifications such as GCIH, GCFA, GNFA, CISSP, CHFI, Security+
Soft Skills
Strong analytical and problem-solving ability
Calm and effective under pressure
Excellent stakeholder communication
Strong documentation and reporting skills
Ability to work independently and collaboratively in fast-paced environments
Additional Information:
This position is based at the Gurugram office.
Minimum 8 years of cybersecurity experience, with a strong focus on Incident Response, DFIR, SOC, Threat Hunting threat hunting and proactive security operations.
Relevant industry certifications such as CISSP, GCIH, GCIA, or GIAC Cyber Threat Intelligence (GCTI) are preferred.
Gurugram
Equal Employment Opportunity Statement
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Please read Accenture’s Recruiting and Hiring Statement for more information on how we process your data during the Recruiting and Hiring process.
We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.
We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.
At Accenture, we see well-being holistically, supporting our people’s physical, mental, and financial health. We also provide opportunities to keep skills relevant through certifications, learning, and diverse work experiences. We’re proud to be consistently recognized as one of the World’s Best Workplaces™.
Join Accenture to work at the heart of change. Visit us at www.accenture.com.
We have been alerted to the existence of fraudulent messages asking job seekers to set up payment to cover various costs associated with establishing employment at Accenture. No one is ever required to pay for employment at Accenture. If you are contacted by someone asking for payment, please do not respond, and contact us at india.fc.check@accenture.com immediately.