Organization: Accenture Federal Services
Accenture Federal Services, providing a tailored strategy to address the many cybersecurity challenges faced by customers in today’s ever-changing business and industry landscape. Our team delivers a wholistic approach to cybersecurity assessment, monitoring, investigation, and response. Whether we’re defending against identified threat actors, detecting, and responding to the unknown, or running an entire security operations center, we build cyber resilience so our clients can grow with confidence in their security.
A Cyber Security professional and enthusiast, who is seeking opportunities to evolve his/her craft by understanding latest cyber threats and help clients identify intrusion in their respective environments. In order to effectively do this, you leverage cutting edge Security Information and Event Management (SIEM) data analytics, as well as network/endpoint detection and response technologies for investigating any malicious activity in customer’s on-prem and cloud environments
- Will manage a team of analysts to rapidly analyze and triage security problems and escalate risk for operational action.
- Support development of technical solutions to support client's requirements in solving moderately complex network, platform, and system security problems.
- Create and modify security SIEM dashboards to clearly identify scope of findings, or monitor activity.
- Identify patterns/outliers within data sets that match threat actor TTPs, post compromise behavior, and otherwise unusual activity, such as insider threat.
- Provide expert analysis investigative support of large scale and complex security incidents, and in many cases identify incidents for which a technical detection may not be available.
- Conduct dynamic and static malware analysis on samples obtained during incident handling or hunt operations to identify IOCs.
- Provide Tier III services reviewing investigation tickets, feedback to SOC analysts on analysis/writeup, developing tune request across all security products providing alerts, advanced network traffic and log analysis, working any escalated investigation requiring IR response such as insider threat, APT detection, complex malware analysis/forensics activities.
- Track investigations to resolution and provide an after-action report as required.
Here's what you need:
- 5+ years related work experience in one or more of the following organizations: Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) and with a foundation as a Security Operations Center (SOC) analyst.
- 2+ years performing incident response (Tier III) duties. Developing tune requests, investigating APT related activities, updating SOPs, and improving processes.
- Experience with Anti-Virus, Intrusion Detection Systems, Data Loss Prevention, Endpoint Tools, Packet Capture, Firewalls, Active Directory, Web Proxies, Vulnerability Assessment tools and other security tools found in large enterprise network environments; along with experience working with Security Information and Event Management (SIEM) solutions (eg Splunk)
- Strong foundation with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.
- Experience managing a team
- Client presentation and communication experience.
Bonus Points if you have have:
- Experience with tickets systems such as Archer and Service Now.
- Scripting experience to automate queries and streamline tasks (eg. Python, PowerShell)
- One or more of the following certifications are strongly desired:
- GIAC Certified Detection Analyst (GCDA)
- GIAC Certified Enterprise Defender (GCED)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Perimeter Protection Analyst (GPPA)
- GIAC Defending Advanced Threats (GDAT)
- GIAC Network Forensic Analyst (GNFA)
- Experience working within a government agency
- Digital Media Analysis (DMA), prior computer forensics, Cyber Threat Intelligence or Cyber Hunt experience strongly desired
US Citizenship required
As required by the Colorado Equal Pay Transparency Act, Accenture Federal Services provides a reasonable range of minimum compensation for roles that may be hired in Colorado. Actual compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, and specific office location. For the state of Colorado only, the range of starting pay for this role is 108,300 –169,6999 and information on benefits offered is here.
The safety and well-being of our candidates, our people and their families continues to be a top priority. Until travel restrictions change, interviews will continue to be conducted virtually.
Subject to applicable law, please be aware that Accenture requires all employees to be fully vaccinated as a condition of employment. Accenture will consider requests for accommodation to this vaccination requirement during the recruiting process.
What We Believe
We have an unwavering commitment to diversity with the aim that every one of our people has a full sense of belonging within our organization. As a business imperative, every person at Accenture has the responsibility to create and sustain an inclusive environment.
Inclusion and diversity are fundamental to our culture and core values. Our rich diversity makes us more innovative and more creative, which helps us better serve our clients and our communities. Read more here
Equal Employment Opportunity Statement
Accenture is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion or sexual orientation.
Accenture is committed to providing veteran employment opportunities to our service men and women.
For details, view a copy of the Accenture Equal Opportunity and Affirmative Action Policy Statement.
Requesting An Accommodation
Accenture is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.
If you would like to be considered for employment opportunities with Accenture and have accommodation needs for a disability or religious observance, please call us toll free at 1 (877) 889-9009, send us an email or speak with your recruiter.
Other Employment Statements
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States.
Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.
The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information.