Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Information and Event Management (SIEM)
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary:
As a Level 2 SOC Analyst, your role involves deeper investigation of security alerts and confirmed incidents. You will validate escalated events using Sentinal One and Splunk SIEM, enrich them with context, and work closely with L3 analysts to assist in containment and timely remediation. You will also assist in improving detection fidelity and supporting SOAR automation. This role requires deep expertise in detection, investigation, containment, and remediation, as well as collaboration with multiple teams across security, IT, and compliance.
Roles & Responsibilities:
-Alert Triage & Investigation: Experience investigating escalated alerts using SIEM or EDR
-Incident Response and Containment: Take necessary actions to contain, eradicate and recover from security incidents.
-Identify opportunities for automation and work with SIEM Platform Support team for implementing it.
-EDR Deep Dive: Using Real Time Response (RTR), Threat Graph, custom IOA rules
-Proficiency in writing SPL queries, dashboards and providing fine tuning opportunities
-Threat Hunting: Behavior-based detection using TTPs
-Good understanding of malware, lateral movement, privilege escalation, and exfiltration patterns
-Threat Intel Integration: Automation of IOC lookups and enrichment flows
-Forensic Skills: Live host forensics, log correlation, malware behavioral analysis
-Good experience in advanced threat detection and incident response
-Proficiency in Sentinal One forensic and incident response capabilities
-Playbook Development/Updation: Able to define, update, and optimize IR playbooks and workflows
-Forensic analysis (memory, file systems, logs)
-Cloud incident handling (AWS, Azure)
-Dashboarding: Advanced visualizations and business-focused metrics in Splunk
-Certifications: Splunk Certified Admin/ES Admin, SC-200, Sentinal One EDR vendor training
Professional & Technical Skills:
-Investigate alerts escalated by L1 to determine scope, impact, and root cause
-Perform in-depth endpoint and network triage using Sentinel One
-Use Sentinel One to perform endpoint analysis and threat validation
-Correlate multiple log sources in Splunk to trace attacker activity
-Execute or verify SOAR playbooks for containment actions (isolate host, disable user)
-Enrich events with asset, identity, and threat intelligence context
-Document investigation workflows, evidence, and final conclusions
-Support L3 during major incidents by performing log or memory triage
-Suggest improvements in alert logic or SOAR workflow to reduce false positives
-Conduct threat research aligned to alert patterns and business context
-Enhance alert fidelity with threat intel and historical context
-Document investigation findings and communicate with stakeholders
-Sentinal One: Custom detections, forensic triage, threat graphs
-Splunk SIEM (core + ES module): Searching Logs, Monitoring and investigating alerts.
Additional Information:
- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Hyderabad office.
- A 15 years full time education is required.
Hyderabad
Requesting an Accommodation
Accenture is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.
If you would like to be considered for employment opportunities with Accenture and have accommodation needs such as for a disability or religious observance, please call us toll free at 1 (877) 889-9009 or send us an email or speak with your recruiter.
Equal Employment Opportunity Statement
We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.
For details, view a copy of the Accenture Equal Opportunity Statement
Accenture is an EEO and Affirmative Action Employer of Veterans/Individuals with Disabilities.
Accenture is committed to providing veteran employment opportunities to our service men and women.
Other Employment Statements
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States.
Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.
Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process. Further, at Accenture a criminal conviction history is not an absolute bar to employment.
The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information.
California requires additional notifications for applicants and employees. If you are a California resident, live in or plan to work from Los Angeles County upon being hired for this position, please click here for additional important information.
Please read Accenture’s Recruiting and Hiring Statement for more information on how we process your data during the Recruiting and Hiring process.
We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.
We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.
At Accenture, we see well-being holistically, supporting our people’s physical, mental, and financial health. We also provide opportunities to keep skills relevant through certifications, learning, and diverse work experiences. We’re proud to be consistently recognized as one of the World’s Best Workplaces™.
Join Accenture to work at the heart of change. Visit us at www.accenture.com.