MD - Greenbelt
Location: Greenbelt, MD
Services, a wholly owned subsidiary of Accenture LLP, is a U.S. company with
offices in Arlington, Virginia. Accenture's federal business has served every
cabinet-level department and 30 of the largest federal organizations. Accenture
Federal Services transforms bold ideas into breakthrough outcomes for clients
at defense, intelligence, public safety, civilian and military health organizations.
We believe that great
outcomes are everything. It’s what drives us to turn bold ideas into
breakthrough solutions. By combining digital technologies with what works
across the world’s leading businesses, we use agile approaches to help clients
solve their toughest problems fast—the first time. So you can deliver what
Count on us to help you
embrace new ways of working, build for change and put customers at the core.
A wholly owned subsidiary of Accenture, we bring over 30 years of experience
serving the federal government, including every cabinet-level department. Our
7,200 dedicated colleagues and change makers work with our clients at the heart
of the nation’s priorities in defense, intel, public safety, health and civilian
to help you make a difference for the people you employ, serve and protect.
The Tier 1 SOC Analyst will have experience with network, endpoint, threat intelligence, forensics and malware reverse engineering, as well as with the functioning of specific applications or the underlying IT infrastructure; has analyzed phishing emails, including email headers, malware and source code; acts as a first responder to account/system attacks and compromises to determine threat vectors and provide initial remediation; uses a SIEM to monitor and analyze incidents and works with stakeholders to resolve them; escalates incidents when necessary using established policies and procedures; and is closely involved in developing, tuning and implementing threat detection analytics. They will also be responsible for the following:

- Act as network incident first responder for a 24/7 staffed SOC, reviewing and verifying system alerts
- Assist with the development of incident response plans, workflows and SOPs
- Maintain security sensors and tools
- Monitor security sensors and review logs to identify intrusions
- Escalate security incidents using established policies and procedures
- Use tools and techniques to perform initial extraction, de-obfuscation or other manipulation of malware-related data
- Perform initial analysis of security events, network traffic and logs to engineer new detection methods, or create efficiencies where possible
- Work directly with cyber threat intelligence analysts to convert intelligence into useful detections
- Collaborate with the incident response team to rapidly build detection rules as needed
- Identify incident root cause and take proactive mitigation steps
- Perform lessons-learned activities
- Review vulnerabilities and track resolution
- Review and process threat intel reports
- Implement detection use cases
- Implement IDS signatures
- Assist with incident response efforts
- Provide critical information for customer report briefs
- Participate in customer security assessments
- Participate in tabletop exercises