Skip to main content Skip to footer

SOC L2 Incident Response Specialist

Security Transformation Team Lead/Consultant | Mid-Level | Full time
ジョブ番号 14552444 | Dalian
応募する
  • Role Overview 
    We are looking for a SOC L2 Incident Response Specialist to support cyber defense operations by investigating security incidents, responding to threats, and improving detection and response capabilities across enterprise environments. 

     

    Key Responsibilities

  • Investigate and analyze escalated security alerts and incidents from SOC L1.
  • Perform incident response, containment, and remediation activities, including endpoint isolation, account suspension, malicious process termination, IOC-based threat hunting, and blocking malicious IPs, domains, or URLs.
  • Analyze events across SIEM, EDR/XDR, network, cloud, identity, and endpoint security platforms.
  • Conduct threat hunting and use threat intelligence to identify potential risks and suspicious behaviors.
  • Manage incidents throughout the lifecycle and maintain accurate investigation documentation in ticketing systems.
  • Collaborate with infrastructure, application, cloud, and business teams during incident handling.
  • Support continuous improvement of SIEM use cases, response playbooks, and SOC processes

Required Qualifications

  • 3+ years of experience in SOC Operations, Incident Response, Cyber Defense, or Security Monitoring.
  • Hands-on experience with SIEM platforms such as Microsoft Sentinel, Splunk, IBM QRadar, or ArcSight.
  • Experience with EDR/XDR solutions such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black.
  • Strong understanding of incident response lifecycle, threat detection and analysis, network security, endpoint security, identity security, and cloud security fundamentals.
  • Familiarity with MITRE ATT&CK, Cyber Kill Chain, IOC/IOA analysis, and common malware investigation techniques.
  • Strong analytical, troubleshooting, documentation, and stakeholder communication skills.
  • Professional working proficiency in English; Mandarin Chinese is a plus.

Preferred Qualifications

  • Experience with threat hunting, threat intelligence analysis, or security automation/SOAR tools.
  • Exposure to cloud security environments such as Azure, AWS, or GCP.
  • Experience working with global or multinational security operations teams.
  • Relevant certifications such as Microsoft SC-200, GCIH, GCIA, CISSP, Security+, or Splunk Security certifications.

Dalian

雇用機会の均等化に関する声明

アクセンチュアは選考に際し、適用される法令に基づき、応募者を年齢、人種、思想信条、肌の色、宗教、性別、国籍、出生地、民族的起源、障がいの有無、性的指向、性同一性、遺伝情報、婚姻、パートナーの有無、市民権において差別することなく、全ての応募者に対し適用される法令に基づき採用選考を行います。

We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.

We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.

At Accenture, we see well-being holistically, supporting our people’s physical, mental, and financial health. We also provide opportunities to keep skills relevant through certifications, learning, and diverse work experiences. We’re proud to be consistently recognized as one of the World’s Best Workplaces™.

Join Accenture to work at the heart of change. Visit us at www.accenture.com.

採用職種の紹介

業界特化の仕事と募集要項:変革をリードし、未来を創る

通信、ハイテクや金融、消費財、エネルギーなど。各業界のエキスパートとして業界の成長のあり方を変えていきます。

さらに詳しく

セキュリティの仕事と募集要項:脅威を出し抜く

サイバーセキュリティに関する専門知識とスタートアップのような機動力を武器に、絶えず変化する複雑な脅威環境下で、お客様が安全かつ強靭なビジネスを構築できるよう支援します。

さらに詳しく