Cyber Incident Response Specialist

The Job

As part of the global Computer Incident Response Team (CIRT Tier 3) you will be responsible for investigating security incidents that may negatively impact Accenture (including hacking attempts intrusions virus infections mishandling of information and other security threats); providing support during large incidents and investigations; and participating in threat hunting activities. Additionally you will be responsible for mentoring members of the team.

Key Responsibilities:

• Analyze potential network security incidents to identify security breaches.
• Investigate security breaches and make qualified decisions and recommendations for corrective action.
• Participate in threat hunting activities.
• Coordinate with other teams and organizations as necessary.
• Assist in larger security incidents and more complex investigations.
• Operate endpoint security and SIEM solutions.
• Collaborate with Cyber Threat Intelligence and remediation teams
• Serve as for new team members

Must Have:

• Bachelor Degree (advanced studies in Computer Sciences Systems Engineering or related careers)
• 45 years experience on Network Security Operations Infrastructure Services (IS)
• Solid understanding of computer operating systems including server operating systems (Windows & Linux)
• Solid understanding of cloud infrastructure (Amazon Azure Google)
• Familiarity with MITRE ATT&CK Framework
• Proficient with EDR and SIEM platforms
• Security analysis skills (logfile analysis and analysis of mixed data sources/types)
• Proficiency in at least one common scripting language
• Ability to manipulate and present data
• Solid understanding of network protocols & architecture
• Ability to multitask and prioritize workload
• Strong problemsolving skills
• Strong sense of ethics & values ability to handle confidential situations with discretion
• Strong willingness to learn and grow within the role
• Excellent oral and written communication skills in English

Good to Have:

• Experience in incident response or in other operational security roles
• IT Security certifications such as GCIA GCIH GCIA GREM CEH GCFA CISSP
• Knowledge of one or more common programming languages

Remote Work :

No