Cyber Incident Response and Threat Hunting Associate Manager - Location Negotiable
Accenture – Memphis, TN
The Cyber Investigation and Forensics Response team (CIFR) is an elite cyber security consulting organization within Accenture Security, specializing in adversary simulation, red teaming, cyber defense consulting, incident response and threat hunting.
Our CIFR practice is rapidly growing, and we are hiring mid to very senior level incident response and threat hunting professionals to work with our F500 enterprise customers. With our recent acquisitions we continue to enhance our incident response, threat hunting, forensics, threat intelligence, and red teaming capabilities.
At CIFR, you will be part of a specialized team that responds to some of the largest and most complex data breaches around the world and conducts proactive cyber threat hunting in some of the most complex corporate environments, leveraging a variety of tools and techniques. You will work in a fast-paced and highly collaborative environment.
Identify and investigate intrusions to determine the cause and extent of the breach, leveraging threat intelligence sources
Hunt for and identify threat actor groups and their techniques, tools, and processes
Participate in Hunt missions using threat intelligence, analysis of anomalous log data and anomalous sessions to detect and eradicate threat actors
Develop Threat Hunting dashboards and reports to identify potential threats, suspicious/anomalous activity, and malware
Identify malicious or anomalous activity based on event data from network flows, EDR and other sources
Perform deep dive analysis by correlating data from various sources
Provide expert analytic investigative support for critical Incident Response security incidents
Maintain proficiency with security standards, tools and practices
Produce comprehensive and accurate oral and written reports and presentations for both technical and executive audiences
Communicate and interface effectively with clients, both technically and strategically, from the executive level to client stakeholders and legal counsel
Act as escalation support for the client’s Incident Response teams on critical security events
On-site client travel will be required for this position, up to 50%, depending on client requirements
Bachelor's degree in Computer Science, Information Systems or a related technical field
Minimum of 8 years of experience in Information Security Incident Response, Cyber Threat Hunting
Proven track record of successful innovative hunts that are completed in a timely manner
Thorough understanding of how to identify malicious activity within a network and think outside the box to discover the signal within the noise
Proven success working across organizational and geographic boundaries
Familiarity with iDefense Threat Intelligence platform
Familiarity with EDR security tools for Threat Hunting
Experience in performing malware analysis
Experience using SIEM tools effectively for event triage and search
Strong background within Incident Response & Threat Hunting including IOC (Indicators of Compromise) & TTP (Tactics, Techniques & Procedures)
Strong knowledge of TCP/IP, cryptographic protocols and algorithms, and operating system (Mac/Linux/Windows) internals and operations
Deep understanding of common attack vectors: DDoS attacks, phishing, web attacks, and malware
Experience in responding to security incidents involving Amazon Web Services, Google Cloud Platform, Azure, or hybrid network architectures
Experience in Office 365 investigations including Business Email Compromises and banking fraud
Security certifications: SANS GIAC (GREM, GCFA, GCIH), OSCP
Experience in user behavior analytics tools and investigation
Experience in Endpoint Detection and Response (EDR) and Network Forensic tools
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Accenture (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status).
Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.
Accenture is a federal contractor and an EEO and Affirmative Action Employer of Females/Minorities/Veterans/Individuals with Disabilities.
Equal Employment Opportunity
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Accenture is committed to providing veteran employment opportunities to our service men and women.