Threat Detection Engineering Lead/Analyst
Accenture in the Philippines
Date: 11 hours ago
City: Quezon City
Contract type: Full time

Ready to join Accenture’s team of empowered people? We’re looking for candidates with the following skills and experience for this role. Do you fit the profile? If you do, we’d love to hear from you!
In adherence to Accenture’s process of Identity Verification, your resume or CV must include your photo to ensure the accuracy of your application.
Who we are:
Accenture in the Philippines is a pioneer in Accenture’s global delivery network. Over the past 30 years, we have expanded our capabilities to become a powerhouse company providing end-to-end technology and business services. As part of Accenture’s global footprint in over 120 countries, covering 40-plus industries, we have been working with the biggest companies in the country and around the globe.
Innovation, a constant at Accenture, enables us to find new ways to stay ahead of our clients’ challenges. Our inclusive, diverse, and strong culture of equality helps us constantly drive innovation in the workplace. By combining our industry expertise and the deep skills of our people with the latest technologies and our uncompromising high-performance standards, we help organizations grow their business and succeed in the digital age.
What’s in it for you?
At Accenture you will work on meaningful and innovative projects, powered by the latest technologies. You’ll be immersed in industry best practices such as event-driven architectures and domain-driven designs. Accenture will continually invest in your learning and growth. You'll work with Accenture’s certified practitioners, and Accenture will support you in growing your own tech stack and certifications.
The Lead/Analyst will provide detection engineering services to alert on general cybersecurity threats and insider threats. These roles include, but are not limited to:
 Reviewing and researching threat intel and other sources for attacker tactics, techniques and procedures and applicable detective controls
  Use case ideation
  Baseline security monitoring implementation
  Advanced threat detection development
  Assist threat hunting and related content development
  Detection efficacy validation and detection content optimization
 Job Responsibilities/Description consist of:
Conducting threat actor TTP research and sharing products of that research with Cybersecurity Operations
 Assessing whether effective detections exist for threats shared from intel
 Bringing use cases that address threats to ideation sessions for review and prospective development
 Collaborate with Cyber Incident Response Team, Threat Intel, and business application owners for use case ideation
 Mapping ideated use cases to common frameworks used by Cyber Ops (MITRE ATT&CK, Kill Chain)
 Develop threat detections to maintain baseline security monitoring requirements outlined in Risk-Based Logging Framework
 Collaboration with the Logging and Monitoring Compliance team to implement monitoring content to address any gaps in baseline security monitoring
 Enhancing SIEM detection capability using machine learning models in Security Data Lake (not the SIEM) to glean actionable security insights, as appropriate
 Aiding CIRT/SOC by drafting playbooks (flowcharts with swim lanes) that outline alert response plans. This entails attending meetings to interactively discuss sequencing for alert response plans, required actions, contact groups, etc.
 Maintaining monitoring coverage maps for business applications and services with consideration to threat models, attack vectors, and MITRE coverage 
 Experience:
At least 3-5 years in Cyber Security Operations or related function as threat/detection engineer
 Technical Skills
SIEM tools – Working knowledge of Security Information and Event Management (SIEM) tools such as Splunk is necessary
 Threat Intelligence – Familiarity with Cybersecurity Frameworks (like MITRE ATT&CK), threat detection methodologies, and various types of malware
 Programming & Scripting – Proficiency in programming languages like Python, etc., is beneficial for automating tasks and developing new detection methods
 Soft skills
Analytical thinking
 Good Communication
 Collaboration
 Additional Information:
 This position is based at our Cubao office and will be following a shifting schedule with hybrid work set-up.
 What we believe:
All our leaders are committed to building a better, stronger and more durable company for future generations to create positive, long-lasting change. Inclusion and diversity are fundamental to our culture and core values. Our rich diversity makes us more innovative and creative, which helps us better serve our clients and our communities.
Our position as partner to many of the world’s leading businesses, organizations and governments affords us both an extraordinary opportunity and a tremendous responsibility to make a difference. Sustainability is one of our greatest responsibilities, which we embed into everything we do and for everyone we work with.
Accenture is committed to providing equal employment opportunities for persons with disabilities. Please let your recruiter know if you require reasonable accommodation to enable your participation in the recruitment process; they will be happy to assist you.
What’s in it for you?
Competitive Total Rewards (Compensation, Performance Bonus, 13th Month Pay, Day 1 HMO & Life Insurance Coverage)
 Expanded maternity leave up to 120 days*
 Expanded paternity leave up to 30 days*
 Flexible Working Arrangements*
 Healthy and Encouraging Work Environment
 Company-sponsored trainings like upskilling and certification
 Employee Stock Purchase Plan
 Loyalty and Christmas Gift
 Inclusion and Diversity Benefits
 Car and housing plan*
 Terms & Conditions apply
 Equal Employment Opportunity Statement:
All employment decisions shall be made without regard to age, race, creed, color, religion, gender, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.
Accenture is committed to providing veteran employment opportunities to our service men and women.
Please read Accenture’s Recruiting and Hiring Statement for more information on how we process your data during the Recruiting and Hiring process.
IMPORTANT REMINDER: We appreciate your interest in applying with Accenture. Please ensure to complete your profile and accomplish all required information in Workday within the next 24 hours, in order for us to start processing your application. You may access Workday by clicking the “Apply Now” button or refer to the link sent via SMS or email.
                        