11 days old

Federal - Senior Incident Response Engineer

Washington, DC 20020
Organization: Accenture Federal Services

Location: Washington, DC

Accenture Federal Services, a wholly owned subsidiary of Accenture LLP, is a U.S. company with offices in Arlington, Virginia. Accenture's federal business has served every cabinet-level department and 30 of the largest federal organizations. Accenture Federal Services transforms bold ideas into breakthrough outcomes for clients at defense, intelligence, public safety, civilian and military health organizations.

We believe that great outcomes are everything. Its what drives us to turn bold ideas into breakthrough solutions. By combining digital technologies with what works across the worlds leading businesses, we use agile approaches to help clients solve their toughest problems fastthe first time. So, you can deliver what matters most.

Count on us to help you embrace new ways of working, building for change and put customers at the core. A wholly owned subsidiary of Accenture, we bring over 30 years of experience serving the federal government, including every cabinet-level department. Our 7,200 dedicated colleagues and change makers work with our clients at the heart of the nations priorities in defense, intel, public safety, health and civilian to help you make a difference for the people you employ, serve and protect.

Job Responsibilities:

+ Supports development of technical solutions to support client's requirements in solving moderately complex network, platform, and system security problems.

+ Create and modify security SIEM dashboards to clearly identify scope of findings, or monitor activity

+ Identify patterns/outliers within data sets that match threat actor TTPs, post compromise behavior, and otherwise unusual activity, such as insider threat.

+ Provide expert analysis investigative support of large scale and complex security incidents, and in many cases identify incidents for which a technical detection may not be available.

+ Conduct dynamic and static malware analysis on samples obtained during incident handling or hunt operations in order to identify IOCs

+ Provide Tier III services reviewing investigation tickets, feedback to SOC analysts on analysis/writeup, developing tune request across all security products providing alerts, advanced network traffic and log analysis, working any escalated investigation requiring IR response such as insider threat, APT detection, complex malware analysis/forensics activities.

+ Tracks investigations to resolution and can provide an after action report as required.

Basic Skills & Requirements

+ 3+ years related work experience in one or more of the following organizations: Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) and with a foundation as a Security Operations Center (SOC) analyst.

+ Incident Response experience: developing tune requests, investigating APT related activities, updating SOPs, and improving processes.

+ Experience with Anti-Virus, Intrusion Detection Systems, Data Loss Prevention, Endpoint Tools, Packet Capture, Firewalls, Active Directory, Web Proxies, Vulnerability Assessment tools and other security tools found in large enterprise network environments; along with experience working with Security Information and Event Management (SIEM) solutions (eg Splunk)

Preferred Skills & Qualifications:

+ Experience with tickets systems such as Archer and Service Now.

+ Scripting experience to automate queries and streamline tasks (eg. Python, PowerShell)

+ Strong foundation with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other security software packages.

+ One or more of the following certifications are strongly desired:

+ GIAC Certified Detection Analyst (GCDA)

+ GIAC Certified Enterprise Defender (GCED)

+ GIAC Certified Forensic Analyst (GCFA)

+ GIAC Certified Incident Handler (GCIH)

+ GIAC Certified Intrusion Analyst (GCIA)

+ GIAC Certified Perimeter Protection Analyst (GPPA)

+ GIAC Defending Advanced Threats (GDAT)

+ GIAC Network Forensic Analyst (GNFA)

+ Experience working within a government agency

+ Digital Media Analysis (DMA), prior computer forensics, Cyber Threat Intelligence or Cyber Hunt experience strongly desired

Important Information: US Citizenship - No Dual Citizenship

An active security clearance or the ability to obtain one
may be required for this role.

Candidates who are currently employed by a client of
Accenture or an affiliated Accenture business may not be eligible for

Applicants for employment in the US must have work
authorization that does not now or in the future require sponsorship of a visa
for employment authorization in the United States and with Accenture (i.e.,
H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status).

Accenture is a Federal Contractor and an EEO and
Affirmative Action Employer of Females/Minorities/Veterans/Individuals with

Equal Employment Opportunity

All employment decisions shall be made without regard to
age, race, creed, color, religion, sex, national origin, ancestry, disability
status, veteran status, sexual orientation, gender identity or expression,
genetic information, marital status, citizenship status or any other basis as
protected by federal, state, or local law.

Job candidates will not be obligated to disclose sealed or
expunged records of conviction or arrest as part of the hiring process.

Accenture is committed to providing veteran employment
opportunities to our service men and women.


Posted: 2020-10-16 Expires: 2020-11-15

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Federal - Senior Incident Response Engineer

Washington, DC 20020

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast