Role Title: Cyber Defense Detection Engineer
Cyber Defense within Accenture Security provides several high-risk, high-impact services for our clients. As such, the teams within Cyber Defense have unique and challenging infrastructure and security requirements. Some of the infrastructure currently managed within Cyber Defense includes command-and-control infrastructure for advanced red teaming, cloud infrastructure to support incident response investigations, and custom environments dedicated to developing malware and reverse-engineering software. Additionally, the workstations and laptops of Cyber Defense personnel have unique security requirements and challenges. This person will report to the Global CDI Detection Lead, and will be responsible for the deployment, operation, and security monitoring capabilities across Cyber Defense.
Some of the responsibilities of this role include:
- Configure SIEM (Splunk), EDR, Insider Threat, IAM and NGFW (Palo Alto) security controls.
- Monitoring the infrastructure for suspicious or anomalous behavior and for exercising cross-functional incident response plans in the event of an incident.
- Ensuring adherence to “best practice” security standards for the management and security of Cyber Defense infrastructure.
- Develop custom SPLUNK correlation and heuristic content to identify Cyber Defense specific anomalies and security issues.
- Conduct periodic scans and testing of Cyber Defense infrastructure to ensure compliance with security standards.
Directly support administrative, automation, and engineering efforts across the global CDI AOR
- Minimum of 3 years of information security experience, with a recent (2+ years) focus on threat hunting, SIEM content development, security monitoring and incident response.
- Minimum of 3 years of experience in Threat hunting & IR experience in Windows and/or Linux environments.
- Minimum of 3 years of experience in Threat hunting & IR in cloud and hybrid environments.
- Minimum of 2 years of experience in Amazon AWS, Google Compute, and/or Microsoft Azure experience.
- Minimum of 1 years of experience in SIEM (SPLUNK Cloud) and log management configuration and analysis.
- Minimum of 3 years of experience with incident response fundamentals and capabilities.
- Minimum of 3 years of experience in Threat and Vulnerability Management.
- Minimum of 2 years of experience/familiarity with Cyber Intelligence, Threat Operations, Penetration Testing, Red Teaming, Incident Response and Threat Hunting methodologies.
- Security certifications: GCIA, GCFA, GCFE, CISSP (Associate), CEH, or comps.
As required by the Colorado Equal Pay Transparency Act, Accenture provides a reasonable range of minimum compensation for roles that may be hired in Colorado. Actual compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, and specific office location. For the state of Colorado only, the range of starting pay for this role is
$112,400 - $134,999 and information on benefits offered is here.
The safety and well-being of our candidates, our people and their families continues to be a top priority. Until travel restrictions change, interviews will continue to be conducted virtually.
Subject to applicable law, please be aware that Accenture requires all employees to be fully vaccinated as a condition of employment. Accenture will consider requests for accommodation to this vaccination requirement during the recruiting process.
What We Believe
We have an unwavering commitment to diversity with the aim that every one of our people has a full sense of belonging within our organization. As a business imperative, every person at Accenture has the responsibility to create and sustain an inclusive environment.
Inclusion and diversity are fundamental to our culture and core values. Our rich diversity makes us more innovative and more creative, which helps us better serve our clients and our communities. Read more here
Equal Employment Opportunity Statement
Accenture is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion or sexual orientation.
Accenture is committed to providing veteran employment opportunities to our service men and women.
For details, view a copy of the Accenture Equal Opportunity and Affirmative Action Policy Statement.
Requesting An Accommodation
Accenture is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.
If you would like to be considered for employment opportunities with Accenture and have accommodation needs for a disability or religious observance, please call us toll free at 1 (877) 889-9009, send us an email or speak with your recruiter.
Other Employment Statements
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States.
Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.
The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information.
Principal Incident Response Investigator - Location Negotiable
USA WA - Seattle
Federal - Critical Infrastructure Cybersecurity - Program Manager & Advisor