Accenture Security helps organizations prepare, protect, detect, respond to, and recover, at all points of the security lifecycle. We hire the very best security talent and arm them with the coolest tools and latest tech so they can help our clients build resilience as we create integrated, customized turnkey solutions. We blend risk strategy, digital identity, cyber defense, application security and managed service solutions to rethink the entire security lifecycle.
The Accenture Security practice is a unique group of people passionate about Information Security. We are currently looking for a Detection & Response Consultant to deliver transformation and advisory engagements. As a Detection & Response Consultant, you will play a critical role in shaping our clients’ cybersecurity infrastructure, ensuring its effectiveness in detecting and responding to security incidents.
Job Summary:
The Detection & Response Consultant will be responsible for delivering transformation and advisory assignments, including the design and deployment of SIEM and SOAR solutions.
Key Responsibilities:
Designing and deploying SIEM and SOAR solutions across on-prem and cloud environments.
Integrating both natively supported and custom (unsupported) log sources with the SIEM solution.
Defining, implementing and fine-tuning SIEM use cases (alerts, reports, dashboards) for proactive detection.
Developing response playbooks for SIEM detection use cases based on the MITRE ATT&CK framework.
Designing and developing automation playbooks on SOAR solutions.
Identifying and implementing Detection & Response process improvements
Participating in SOC maturity assessments.
Identification, analysis and documentation of detection and response requirements.
Participating in business development activities (including responses to RFPs, RFIs and RFQs).
Collaborating with clients to define the best approach to manage risk factors by maximizing efficiency and maturity of the security posture. Building and nurturing positive working relationships with clients with the intention to exceed client expectations.
Meeting target deadlines, preparing management reports and prioritizing client escalations.
Travel to client locations within Canada and in US as needed.
Requirements:
5+ years of working with SIEM tools (e.g., Splunk, Microsoft Sentinel) performing design, deployment, and configuration.
3+ years onboarding new log sources (supported and custom types) into SIEM tools.
3+ years translating security requirements into use cases; mapping use cases into events and data elements; implementing use cases and validating that the threat detection rules support the requirements.
3+ years working with threat modeling frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
3+ years working with Windows operating systems and command line tools, network protocols, TCP/IP fundamentals.
Familiarity across a broad range of SIEM and SOAR vendors, product capabilities and solutions.
Demonstrable consultative skills and the ability to analyze complex issues for impact and alternative solutions, making logical decisions based on overall project objectives. Ability to communicate with and manage stakeholders.
Ability to work as part of a project team with minimal levels of supervision or oversight.
Ability to quickly adapt to and master new technology and ways of working, and to work creatively and analytically in a problem-solving environment.
English communication skills (written and oral) are required as the primary language; additional French and Spanish language abilities are preferred.
English is required for this position as this role will regularly interact with stakeholders across Canada, the US and other countries across our global footprint where English is the common language. Due to the significantly high volume of interactions with these English-speaking stakeholders, which is inherent to this position, it is not possible to reorganize the company's activities to avoid this requirement.
Nice to have skills/certifications:
Certifications in public cloud (at the architect or security engineer/specialist level) or security certifications such as CISSP, CISM, CCSP, CCSK, CEH, CISA, Azure Security Engineer, Azure Solutions Architect Expert, or AWS Solutions Architect Associate/Professional.
Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing such as GDPR, ISO 27001, COBIT, Cloud Security Alliance, NIST 800-53, PCI DSS, ISA/IEC 62443, NERC CIP, HIPAA, etc.
Scripting experience using Shell, Python, Perl, JavaScript, PowerShell, Azure CLI, AWS CLI, GCP CLI, etc.
Certifications for product or vendor security solutions such as Microsoft Sentinel or Splunk.
In possession of, or able to qualify for, Canadian security clearance strongly preferred.