Get AI-powered advice on this job and more exclusive features.
Salary: Competitive salary and package dependent on experience
Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years continuous UK address history (typically including no periods of 30 consecutive days or more spent outside of the UK) and declaration of being a British passport holder with no dual nationalism at the point of application.
Note: The above information relates to a specific client requirement
Our Cyber Practice is a fast-growing community of industry leading experts. The practice covers Assurance, Compliance, Security Operations (SecOps), Offensive Security and Security Research. It is critical that the relevance and quality of the services that we provide is maintained and augmented and that the team members have every opportunity to grow and learn with the organisation.
As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response.
Job Description
If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients, look no further. We are searching for an experienced technical Cyber Security Operations Specialist to join our Blue Team. This is a senior role, and the ideal candidate will be a self-starter with an inquisitive nature, keen attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response.
Key responsibilities
* Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks)
* Collaborate with the extended security team to identify gaps in detection coverage, log ingestion and alerting based on business risks and threats
* Review and improve existing SecOps standards and capabilities e.g. by highlighting requirements for additional logging, identifying incident or threat trends and detection and business-as-usual optimisation opportunities
* Perform security monitoring, reviewing and triaging triggered alerts, and suggesting improvements (on a rota basis 9AM to 5:30PM)
* Respond to and investigate identified cyber security incidents
* Act as a point of escalation for junior analysts, supporting them through mentorship and shadowing
* Operate as a technical subject matter expert on client engagements and be prepared to interact with, and present to, senior stakeholders in a consulting capacity
* Participate in alert testing and incident response tabletop exercises as required
* Remain up to date with latest threat intelligence which may be of interest to our clients
* Proactive threat hunting and tradecraft development
* Incident response and playbook development
* Change approvals (where applicable)
* Collection and interpretation of different sources of threat intelligence and researching emerging threats and TTPs
* Vulnerability scanning, management and reporting
* This role includes an opportunity to operate in a management (within Accenture) and leadership capacity (within client) if this aligns with your personal career goals
Note: This role requires an approximately 1-week month on-call availability for high priority incident response. Please note there is additional compensation for this, and the frequency is client dependent.
The successful candidate should have experience and skills in some of the following areas:
* Working knowledge of key threat intelligence concepts such as the Pyramid of Pain, Intelligence Preparation for the Cyber Environment (IPCE), and the Threat Intelligence Lifecycle
* Detection Engineering and Alert Development
* Experience with Scripting and Programming – e.g. Python/Bash/c/c++/Java
* Core cybersecurity concepts such as network security, cryptography, cloud security, forensics
* Understanding of network protocols and how they can be abused by attackers
* Up to date knowledge of the most prevalent APTs and their TTPs
* Knowledge of common analysis techniques associated with Windows and/or Linux
What’s in it for you
At Accenture in addition to a competitive basic salary, you will also have an extensive benefits package which includes up to 25 days of vacation per year, private medical insurance and three days leave per year for charitable work of your choice!
Flexibility and mobility are required to deliver this role to deliver the first-class services we are known for.
About Accenture
Accenture is a leading global professional services company that helps the world’s leading organizations build their digital core, optimize their operations, accelerate revenue growth and enhance services—creating tangible value at speed and scale. We are a talent- and innovation-led company with 774,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities. Visit us at www.accenture.com
EEO statement: Accenture is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
#J-18808-Ljbffr