工作描述
Cyber Incident Responder
As a member of the Response Team within the global Cyber Incident Response (CIRT) Tower, you will play a key role in investigating security incidents identified through infrastructure monitoring. This includes addressing potential hacking attempts, intrusions, malware infections, information mishandling, and other security threats that could negatively impact Accenture. You will also provide support during major incidents and investigations, as well as engage in threat hunting activities.
Key Responsibilities:
Conduct investigations of security incidents, providing analysis and recommending corrective actions to address identified threats.
Participate in threat hunting activities to proactively identify and neutralize potential security threats.
Coordinate with internal teams to support a comprehensive security response.
Operate endpoint security and SIEM solutions to detect, analyze, and respond to cyber threats.
Working Arrangements:
Flexible (Location should be one of the base locations of Accenture)
Travel requirements: 0-5%.
Industry-relevant trainings and certifications provided.
Relationships:
Reports to: CIRT Response Lead & Regional Lead
External relationships: Security vendors
职位要求
Requirements:
5+ years of combined experience in an SOC, incident response, threat hunting role, or security-related field
Hands-on experience with handling incidents throughout the incident response lifecycle
Solid understanding of computer operating systems, including server operating systems (Windows & Linux)
Solid understanding of cloud infrastructure (Amazon, Microsoft Azure, Google)
Proficient with EDR and SIEM platforms
Security analysis skills (logfile analysis and analysis of mixed data sources/types)
Ability to manipulate and present data
Solid understanding of network protocols & architecture
Ability to multi-task and prioritize workload
Strong problem-solving skills
Strong sense of ethics & values, ability to handle confidential situations with discretion
Strong willingness to learn and grow within the role
Nice to Have:
IT Security certifications such as CEH, CySA+, BTL1, BTL2, GCIH, GCIA, GCFA
Familiarity with MITRE ATT&CK® Framework
Experience conducting investigations with security tools such as Microsoft XDR, Sentinel, Splunk, CrowdStrike
Scripting skills (e.g. PowerShell, python, bash) for automation
Education: In course or advanced studies in Cyber Security, Computer Sciences, Systems Engineering or related careers
What we offer:
Hybrid work.
Permanent employment contract
Private medical care, life insurance and employee share program.
Access to the MyBenefit platform (possibility of using a wide range of products and services, including the Multisport card).
Individual support of a People Lead and a specific path of professional development, as well as the possibility of a session with a Coach.
A wide training package (soft, technical and language training offer, access to the e-learning platforms, possibility of co-financing courses and certification).
Employee Assistance Program - legal, financial and psychological consultations.
Paid employee referral program.
