Skip to main contentA logo with &quat;the muse&quat; in dark blue text.

Senior Incident Response Analyst - Location Negotiable

Philadelphia, PA

Day to Day

You'll work as part of a team, collaborating with other Accenture employees. Together, the Accenture team will work on active incidents and reporting back to the client on findings that will aid in the containment, mitigation, and remediation process of the incident. Also, develop content that would support the areas of improvement for the current operations, technology capability, and collaboration.

Position Overview

SOC Operations provides the opportunity to work in dedicated network defense environments with a focus on threat identification, incident response, cyber threat intelligence infusion, and mitigations to ensure defensive resiliency. The Senior Incident Response Analyst role will work in a team environment to aid in identifying actionable threat intelligence and monitor SIEM and security technologies, with a focus on threat identification, incident response, cyber threat intelligence infusion, and mitigations to ensure defensive resiliency and verify potential threat activity.

Want more jobs like this?

Get Data and Analytics jobs in Philadelphia, PA delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.

Daily activities will include detailed case management documentation and incident handling; use of your expert skillset to guide junior analysts in advanced analysis of network logs, threat intelligence data, malicious code samples, processing of mitigations, and determination and escalation of threat detections. You will serve as a Seasoned Incident Responder in advanced SOC operations to help maintain a defensive state of discovery and alert capabilities for clients and work collaboratively in a team environment with various touchpoints, handoffs, and continuous prioritization.

Read more of the job description

Read Less


Required Qualifications:
  • Experience working in a Security Operations Center or similar environment providing incident handling and response, intrusion detection, analysis, cyber threat intelligence, threat determination, and mitigations processing and tracking.
  • Experience in security operations process creation or process enhancement aligned to industry standard frameworks.
  • Experience triaging threats derived from various intakes to include security technology alerts, user reported tickets, and other internal SOC organizations.
  • Experience working across organizational lines of business to implement mitigations, remediations, and countermeasures resulting from cyber threat intrusions.
  • Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
  • Experience working with various network and system security technologies to include SIEM (such as Splunk ES, Securonix, IBM QRadar, HP ArcSight, and/or McAfee ESM/Nitro), data analytics platforms, endpoint tools, network technologies and appliances, etc.
  • Advanced proficiency in cyber threat intelligence parsing, correlation and alerting rule creation, packet analysis, encryption and obfuscation techniques, malware handling and analysis, digital forensics, indicator of compromise (IOC) management, network flow data, advanced endpoint security technologies and big-data parsing/querying.
  • Knowledge of the cyber threat landscape to include different types of adversaries, campaigns, and the motivations that drive them.
  • Demonstrated professional experience in a technical coach or mentor capacity.
  • Proven Incident Response experience in the major Cloud Computing verticals MicroSoft, Amazon, Google, etc..
  • Proficient technical writing and technical content creation, for audiences of varying technical abilities.
  • Advanced proficiency with common scripting languages, regular expression (regex), in addition to analysis of Cloud, on-premise, removable media asset types.
Desired Qualifications:
  • Certifications: CISSP, GCIH, GCFA, GCFE, GMON, GSEC, or other relevant security certifications.
  • Experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email security platforms.
  • Knowledge of industrial control systems, compliance standards (e.g., NERC CIP), and related cyber security standards (e.g., IEC 62443).
What We Believe

We have an unwavering commitment to diversity with the aim that every one of our people has a full sense of belonging within our organization. As a business imperative, every person at Accenture has the responsibility to create and sustain an inclusive environment.

Inclusion and diversity are fundamental to our culture and core values. Our rich diversity makes us more innovative and more creative, which helps us better serve our clients and our communities. Read more here

Equal Employment Opportunity Statement

Accenture is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion or sexual orientation.

All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.

Accenture is committed to providing veteran employment opportunities to our service men and women.

For details, view a copy of the Accenture Equal Opportunity and Affirmative Action Policy Statement .

Requesting An Accommodation

Accenture is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.

If you would like to be considered for employment opportunities with Accenture and have accommodation needs for a disability or religious observance, please call us toll free at 1 (877) 889-9009, send us an email or speak with your recruiter.

Other Employment Statements

Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States.

Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.

Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.

The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information.

Job ID: AccentureInc-R00035547
Employment Type: Other