SIEM and SOAR Platform Engineer
工作描述
About Accenture
Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities. Visit us at www.accenture.com.
Accenture Security
Join Accenture Security to pioneer security solutions that blend risk strategy, digital identity, cyber defense, application security and managed services. Using the coolest next-gen tech, you’ll have every chance to stay one step ahead of cybercrime and out-hack the hackers.
Accenture Security provides comprehensive security services – from security strategy development to business transformation, to managed security services – on demand and at a global scale to help mitigate risks and take full advantage of advanced technologies and proven risk management models. Our experienced team of global security professionals helps businesses understand their risks and build resilience from the inside out, giving them the confidence to focus on what matters most: innovation and business growth.
Responsibilities
Design, implement, and optimize Google SecOps (Chronicle SIEM and SOAR) solutions to strengthen client security monitoring and response capabilities.
Serve as a Google SecOps subject matter expert, leading solution design, data modeling, and platform configuration in alignment with defined client and service requirements.
Develop, tune, and maintain detection rules and logic using YARA‑L and Chronicle native capabilities to improve threat visibility while minimizing false positives and operational noise.
Design, implement, and maintain SOAR playbooks within Google SecOps to automate alert enrichment, investigation workflows, and approved response actions.
Integrate Google SecOps with cloud, endpoint, network, and third‑party security tools to enable scalable and comprehensive threat detection coverage.
Troubleshoot complex data ingestion, parsing, correlation, and platform issues within Google SecOps to ensure data integrity, reliability, and continuity of security monitoring.
Own platform operability by ensuring the reliability and quality of log ingestion and integrations, and delivering standardized operational health outputs to support service oversight and stakeholder decision‑making.
Manage controlled deployment of detections, parsers, integrations, and playbooks using version control and defined release practices to ensure stable, auditable changes across environments.
Create and maintain technical documentation, operational procedures, and implementation artifacts aligned to Google SecOps platform standards and service governance requirements.
Act as the senior technical point for client‑facing SIEM and SOAR troubleshooting, providing clear root‑cause analysis and remediation guidance for complex platform issues
职位要求
Requirements
Bachelor’s degree in Computer Science, Information Security, Cyber Security, or a related field, or equivalent practical experience.
Hands‑on experience in security operations or detection and response environments, supporting SIEM‑based monitoring and incident workflows.
Strong practical experience with SIEM platforms, including rule development, tuning, data onboarding, and investigation support.
Hands‑on experience with SOAR platforms, including playbook development, automation of response actions, and workflow optimization.
Ability to troubleshoot complex platform, data quality, and integration issues across multiple security technologies.
Strong collaboration skills, with the ability to work effectively with SOC analysts, incident responders, and engineering teams.
Preferably strong proficiency with Google SecOps (Chronicle SIEM and SOAR), with working knowledge of YARA‑L or similar detection languages, and experience using Git for version control and deployment of detections, playbooks, or configurations.
Experience supporting client‑facing troubleshooting activities for SIEM and SOAR platforms.
Security‑related certifications are a plus.
Why Join Us
At Accenture, you will be part of a global network of security professionals, working on advanced security initiatives and contributing to impactful, large-scale security programmes. You will have access to cutting-edge tools, continuous learning, and opportunities to grow your cybersecurity career.
