About Accenture Cyber Threat Intelligence (ACTI)
ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most-critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain.
Who You Are
You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team’s awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence.
As a Track, Report and Pursue (TRaP) Intelligence Analyst with ACTI, you will provide analytic support as part of a team that performs in-depth technical, tactical, and operational analysis of sophisticated adversarial threat campaigns that may pose a threat to existing or prospective Accenture Security clients. This position involves in-depth specialized research, collaboration with industry specialists and peer analysts, development and maintenance of short- and long-term research projects, a high degree of writing for tactical and executive audiences, and the presentation of findings through briefings and external engagements.
- Act as an all-source intelligence threat analyst by analyzing adversarial indicators of compromise (IOCs) and respective tactics, techniques, and procedures (TTPs) to provide unique insight into current and emerging threat groups and campaigns, and to generate actionable intelligence.
- Provide input regarding the ACTI mission, and participate in intelligence requirements development and collection management.
- Participate in the drafting and ultimate dissemination of finished tactical and operational threat intelligence products (reports, briefings, etc.).
- Develop and continuously tune detection signatures (e.g., YARA and Snort signatures) for both immediate client consumption and to maintain visibility into adversarial malware variants and tooling.
- Collect, analyze, and provide an informed assessment of technical IOCs to better understand incidents and help refine detection and response efforts.
- Maintain, develop, and continuously evaluate cyber threat intelligence sources to increase effectiveness and timeliness of reporting of actionable threat assessments.
- Respond to client requests for information (RFIs).
- Assist with threat assessments, including by adding applicable threat intelligence on threats to specific sectors, as well as by enumerating a specific company’s infrastructure and potential cybersecurity vulnerabilities.
- Engage and develop relationships with peers among Accenture Security's clientele and their industries to determine client and industry intelligence requirements, reporting use cases, and feedback on ACTI products.
- Support Accenture Security business development and marketing initiatives, including by representing ACTI and Accenture Security at security conferences and industry gatherings.
- Assist with Accenture Security engagements that involve on-site and remote work with clients, using subject-matter expertise to help develop, uplift, and mature ACTI operations.
- Travel occasionally: ACTI is a client-focused organization, and this position may require travel to address client needs, enhance deliverables, or otherwise support projects.
- Bachelor’s Degree in Computer Forensics, Science, Engineering, Information Systems, or other related security field, or comparable experience.
- Minimum 5 years of experience tracking cyber espionage groups and targeted cybercrime threat campaigns, including but not limited to their associated TTPs and malicious tools.
- Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.).
- Practical understanding of malware analysis and/or reverse engineering.
- Ability to develop malware detection signatures (e.g., YARA).
- Ability to research, analyze, and synthesize large amounts of data and information (internal attacks, closed- and open-source threat intelligence data) to correlate current and emerging targeted threat trends.
- Strong written and verbal skills; can communicate complex concepts at a high level while retaining meaning and highlighting features in a way that maximizes audience engagement.
- Strong problem solving and critical thinking capabilities.
- Ability to work with a high degree of independence.
- Familiarity with computer incident response, system forensic analysis, network forensic analysis, scripting, data mining, large data analysis, and/or interview techniques.
- Minimum 2 years of experience working in a security operating center (SOC) or incident response (IR) function.
- Familiarity with computer network protocols, computer incident response procedures, system and network forensic analysis, scripting, data mining, statistical analysis, and data analytics.
- Experience with computer networking and internet technologies, such as TCP/IP protocols, and data communications schemes.
- Ability to read and understand network log sources and events (e.g., netflow and PCAP).
- Proficient knowledge of programming languages (e.g., Python) to work with structured and unstructured threat data.
- Experience utilizing data visualization platforms (e.g., Maltego) to map out threat infrastructure.
- Experience with traditional intelligence targeting and analysis tradecraft techniques.
- Project management experience.
- Network+, Security+, Certified Ethical Hacker (CEH), or relevant SANS certifications.
As required by the Colorado Equal Pay Transparency Act, Accenture provides a reasonable range of minimum compensation for roles that may be hired in Colorado. Actual compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, and specific office location. For the state of Colorado only, the range of starting pay for this role is $152,700 - $190,099 and information on benefits offered is here.
The safety and well-being of our candidates, our people and their families continues to be a top priority. Until travel restrictions change, interviews will continue to be conducted virtually.
Subject to applicable law, please be aware that Accenture requires all employees to be fully vaccinated as a condition of employment. Accenture will consider requests for accommodation to this vaccination requirement during the recruiting process.
What We Believe
We have an unwavering commitment to diversity with the aim that every one of our people has a full sense of belonging within our organization. As a business imperative, every person at Accenture has the responsibility to create and sustain an inclusive environment.
Inclusion and diversity are fundamental to our culture and core values. Our rich diversity makes us more innovative and more creative, which helps us better serve our clients and our communities.
Equal Employment Opportunity Statement
Accenture is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion or sexual orientation.
Accenture is committed to providing veteran employment opportunities to our service men and women.
For details, view a copy of the Accenture Equal Opportunity and Affirmative Action Policy Statement.
Requesting An Accommodation
Accenture is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.
If you would like to be considered for employment opportunities with Accenture and have accommodation needs for a disability or religious observance, please call us toll free at 1 (877) 889-9009, send us an email or speak with your recruiter.
Other Employment Statements
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States.
Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.
The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information.
Posted 1 day ago