You Are:
The Cybersecurity Incident Response Triage Sr. Analyst role will work in the CIRT team in the CISO organization. This role works under analysis and triage team lead to perform in-depth investigation and analysis on security-relevant events indicating policy violations or possible insider-threat presence.
Key Responsibilities:
- Actively monitor and respond to cybersecurity incidents related to alerted policy violations
- Analyze and investigate incidents to determine their nature and scope.
- Coordinate with the lead and other Cybersecurity Incident Response Teams for effective incident resolution.
- Document incidents and response activities in detail.
- Stay updated with the latest cybersecurity threats and trends.
- Assist in developing and refining incident response strategies and procedures.
- Collaborate with operations teams, legal, human resources and management to investigate security issues and interview investigation subjects to determine true and false positives.
Here's What You Need:
- US Citizenship required
- Excellent communication skills and knowledge in incident response lifecycles, common cyber-attacks, insider-threat indicators and warnings, data loss prevention and detection mechanisms, and federal incident reporting requirements.
- Excellent communication (written and oral), attention to detail and interpersonal skills
- Experience presenting complex technical information to decision makers and leading them through the decision-making process
- Work independently to deliver timely solutions without direct supervision
- 1-2 years’ experience in information security, or other equivalent combination of education or equivalent work experience.
- 1-year(s) of experience performing event and log analysis including one or more of the following: Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Data loss prevention tools and other security tools found in large enterprise network environments; along with experience working with Security Information and Event Management (SIEM) solutions.
- Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.
- Familiarity with TCP/IP, common application layer protocols, and packet analysis of the same.
- Familiarity with static and dynamic malware analysis concepts.
- Experience with indicators of attack and compromise.
- Familiarity with Windows / Linux architecture and endpoint analysis of the same.
- Familiarity with basic data parsing and analysis tools, i.e., Excel, grep, sed, awk, regex, etc.
Bonus Points if you have:
- SANs GIAC Certifications including but not limited to GCED, GCLD, GCIH, GCFA, GREM; CISSP
As required by local law, Accenture Federal Services provides reasonable ranges of compensation for hired roles based on labor costs in the states of California, Colorado, Hawaii, New York, Washington, and the District of Columbia. The base pay range for this position in these locations is shown below. Compensation for roles at Accenture Federal Services varies depending on a wide array of factors, including but not limited to office location, role, skill set and level of experience. Accenture Federal Services offers a wide variety of benefits. You can find more information on benefits here. We accept applications on an on-going basis and there is no fixed deadline to apply.
Los Angeles County Information Only
If you live in or expect to work from Los Angeles County if hired for this position, please review below for important additional information.
Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed in the job posting, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, meet client expectations, standards, and accompanying requirements, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Los Angeles Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Requesting An Accommodation