Incident Response & Threat Hunting Lead

  • Company: Accenture
  • Location:
  • Salary: negotiable / month
  • Job type: Full-Time
  • Posted: 4 hours ago
  • Category: General

Incident Response / Threat Hunting Lead
Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialised capabilities across more than 40 industries – powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. With 505,000 people serving clients in more than 120 countries
Join us, learn from the best people and let challenging, interesting and enjoyable work become part of daily life.
A typical day for an Incident Response/Threat Hunting Lead

  • Identify and investigate intrusions to determine the cause and extent of the breach, leveraging threat intelligence sources
  • Hunt for and identify threat actor groups (APT) and their techniques, tools, and processes
  • Participate in hunt missions using threat intelligence and analysis of anomalous log data and anomalous sessions to detect and eradicate threat actors
  • Develop threat hunting dashboards and reports to identify potential threats, suspicious/anomalous activity, and malware
  • Identify malicious or anomalous activity based on event data from network flows, EDR and other sources
  • Perform deep-dive analysis by correlating data from various sources
  • Provide expert analytic and investigative support for critical incident response security incidents
  • Maintain proficiency with security standards, tools and practices
  • Produce comprehensive and accurate oral and written reports and presentations for both technical and executive audiences
  • Effectively communicate and interface with the client, both technically and strategically, from the executive level to client stakeholders and legal counsel
  • Act as escalation support for the client’s incident response teams on critical security events
  • On-site client travel will be required for this position, up to 50% depending on client requirements

Basic qualifications:

  • Experience in information security incident response and cyber threat hunting
  • Experience and a thorough understanding of how to identify malicious activity within a network, and the ability to think outside the box to discover the signal within the noise
  • Experience using SIEM tools effectively for event triage and search

Required skills:

  • Strong background in incident response and threat hunting, including IOCs (Indicators of Compromise) and TTPs (Tactics, Techniques and Procedures)
  • Strong background in forensics, data collection and log triage
  • Strong knowledge of TCP/IP, cryptographic protocols and algorithms, and operating system (macOS/Linux/Windows) internals and operations
  • Deep understanding of common attack vectors: DDoS attacks, phishing, web attacks, and malware
  • Security certifications: SANS GIAC (GREM, GCFA, GCIH), OSCP
  • Experience in performing malware analysis
  • Experience with Endpoint Detection and Response (EDR) and network forensic tools
About Accenture
Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialised capabilities across more than 40 industries – powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. With 505,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at www.accenture.com.