As part of the Cyber Incident Response Team (CIRT-Tier3), investigate security incidents that may negatively impact Accenture, including hacking attempts, intrusion, virus infections, mishandling of information, data breaches and other security threats. Participate in threat hunting activities.
Analyze potential network security incidents to identify security breaches.
Investigate security breaches and make qualified decisions and recommendations for corrective action.
Participate in threat hunting activities.
Coordinate with other teams and organizations as necessary.
Assist in larger security incidents and more complex investigations by leveraging the EDR, network/disk forensic tools.
Operate EDR and SIEM solutions from Incident Response (IR) perspective.
Collaborate with Cyber Threat Intelligence and remediation teams
Manage security infrastructure
Home office could be arranged
Travel requirements 0-5%
Reports to: CIRT Infra. Regional Lead / Global CIRT Infra. Manager
Supervises: More experienced team members may supervise junior team members in certain situations
External relationships: Endpoint security and AV vendors.
Knowledge and Skill Requirements:
Understanding of computer operating systems, including server operating systems (Windows & Linux)
Security analysis skills, including ability to analyze logs to detect required information and patterns
Understanding of network protocols & architecture
Understanding of cloud infrastructure (Amazon, Azure, Google)
Ability to multi-task and prioritize workload
Ability to manipulate and present data
Above average problem-solving skills
Excellent oral and written communication skills in English
Strong sense of ethics & values, ability to handle confidential situations with discretion
Strong willingness to learn and grow within the role
Nice to have
Experience in incident response or in other operational security roles
Experience with SIEM, EDR and intrusion detection solutions
Programming and scripting skills
Education: In course or advanced studies in Computer Sciences, Systems Engineering or related careers
IT Security certifications like GCIA, GCIH, GREM, CEH, GCFA.