SOC Analyst MxDR

About Accenture Security

Looking to be part of a ground-breaking Cyber Security practice?

Thanks to the unmatched scale, speed and capabilities at Accenture, we have the unique position as trusted partners to world-leading organizations, including over 80% of the global Fortune 100.

This is an exceptional opportunity to collaborate across our Accenture ecosystem to co-create and deliver transformative security strategies that bring 360° Value to our clients and support our mission to secure the world.

About Accenture Security

Vision - We tackle the most critical Cyber security challenges head-on, working with the brightest minds in the sector and innovating security solutions to help clients grow confidently and move faster, securely.

What we sell and deliver-

Cyber Protection: Protecting the business as it transforms, applying zero trust principles to secure the entire digital core.

Cyber Resilience: Pressure test defences, understand emerging threats and prepare and respond quickly to attacks.

Cyber Strategy: Design and operationalize cyber risk strategies to protect & accelerate transformations & enable customer trust.

Cyber Physical Security: Protect operational reliability and integrity by securing industrial control systems ad connected products at all stages of their lifecycle.

Cyber Industry: Build resilience and mitigate risk across each industry’s value chain.

Our People - We’re a diverse and global powerhouse of 13,000+ security experts.

Our Partners - We work with government, regulators and a large ecosystem of sector specialists who provide continuous cyber defense support, trend analysis, threat hunting, advanced threat analytics and more. Some of our top ecosystem partners include: AWS, Google, Microsoft, SAP, Cyberark, VMware and Crowdstrike.

What’s in it for you?

Gain exposure to diverse industries and advanced security architectures, as you lead sophisticated simulated cyber-attacks against our globally renowned clients, employing the very latest threat actor tools and techniques.

Work closely with top-tier security experts in our threat intelligence and incident response teams, strengthening your already strong offensive security skills and pushing the boundaries of cybersecurity innovation.

Engage in ongoing training & certifications to stay at the forefront of the cyber security landscape, equipped with the latest tools and methodologies.

Contribute to enhancing the cybersecurity resilience of some of the world’s largest organisations, leaving a lasting impact on their security.

About Accenture Managed Extended Detection & Response (MxDR)

Organizations around the world rely on Accenture’s MxDR services to build and sustain a resilient incident management program. We offer the global presence and scale to satisfy even the largest enterprises.

Every week, Accenture’s MxDR:

Analyze over 125 billion log entries

Identify over 62,000 potential security events

Escalate over 11,000 validated security incidents

Work as part of a world class customer focused team, protecting customers from threats through analysis of log data, providing clear, detailed and timely alerts that can be acted on. The Security Analysis team delivers real time security monitoring and alerting, analysing logs from over 150 supported device types, while adhering to strict service-level agreements. We are the front line in protecting our customers.

In our team you will:

Develop a deep understanding of Cyber Security Operations

Develop your knowledge and skills on key cyber security technologies

Develop your knowledge and skills of cyber-attacks, vulnerabilities and counter measures

Responsibilities:

Investigate attacks against customer networks.

Monitor and analyze log data, network traffic and/or alerts generated by a variety of security technologies in real-time; escalate and explain validated security incidents to customers.

Write up security incident reports detailing the threat, its characteristics, and possible remediation activities.

Research new threats and ensure appropriate detection capabilities are in place to identify and respond to these threats.

Routinely review security incidents and other customer deliverables for adherence to the established procedures and guidelines. Document, rectify, and provide feedback to other analysts as necessary.

Ensure the quality and timeliness of the security incident detection and classification service.

Ensure standards and procedures are adhered to within defined SLA’s.

Articulate security issues to customers, both verbally and written.

Identify opportunities for process improvement.

Manage and track customer issues and requests.

Support other teams as needed.

Train other Associate Security Analysts and Security Analysts.

Support SOC tours as required.

Note: This role may require shift work

Qualifications

Excellent oral and written communication skills

Excellent customer service and interpersonal skills.

Passion for cyber security, learning, and knowledge sharing.

Experience in an operational environment, with customer-facing responsibilities.

Previous experience in an information/cyber security role – ideally focused on intrusion detection/security monitoring and analysis.

An excellent understanding of the cyber security threat landscape, including detailed technical knowledge about the most prevalent vulnerabilities, threats, attack methods, and infection vectors.

An excellent understanding of computer networking, including a detailed understanding of TCP/IP and other core Internet protocols.

An excellent understanding of computer and network security.

Excellent technical and troubleshooting skills with the ability to be dynamic and adapt in order to solve complex technical issues with customers and partners.

The ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.

Experience retrieving information and generating reports using SQL.

Experience using python to automate basic analysis tasks.

Experience with any of the following SIEM product: Google Chronicle (highly preferred), Microsoft Sentinel, Splunk.

Experience with one or more of the following EDR products would be preferred: Crowdstrike, Microsoft Defender, Carbon Black, Endgame.

One or more of the following certifications would be desirable: SANS GCIA, SANS GCFA, SANS GCFE, OSCP.

Minimum of 2 years experience with Cyber Security.

About Accenture

Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries — powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. With 774,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at www.accenture.com.

Accenture is an equal opportunities employer and welcomes applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law.