Project Role : Security Consulting Practitioner
Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders.
Must have skills : Security Information and Event Management (SIEM)
Good to have skills : NA
Minimum 2 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary: As a Level 1.5 SOC Analyst, your role involves deeper investigation of security alerts and confirmed incidents. You will validate escalated events using Sentinal One and Splunk SIEM, enrich them with context, and work closely with L3 analysts to assist in containment and timely remediation. You will also assist in improving detection fidelity and supporting SOAR automation. This role requires deep expertise in detection, investigation, containment, and remediation, as well as collaboration with multiple teams across security, IT, and compliance. Roles & Responsibilities: - Investigate alerts escalated by L1 to determine scope, impact, and root cause - Perform in-depth endpoint and network triage using Sentinel One - Use Sentinel One to perform endpoint analysis and threat validation - Correlate multiple log sources in Splunk to trace attacker activity - Enrich events with asset, identity, and threat intelligence context - Document investigation workflows, evidence, and final conclusions - Support L2 during major incidents by performing log or memory triage - Suggest improvements in alert logic & fine tunning. - Conduct threat research aligned to alert patterns and business context - Enhance alert fidelity with threat intel and historical context - Document investigation findings and communicate with stakeholders Professional & Technical Skills: - Alert Triage & Monitoring: Experience investigating escalated alerts using SIEM or EDR - Incident Response and Containment: Take necessary actions to contain, eradicate and recover from security incidents. - Identify opportunities for automation and work with SIEM Platform Support team for implementing it. - EDR Deep Dive: Using Real Time Response (RTR), Threat Graph, custom IOA rules - Proficiency in writing SPL queries, dashboards and providing fine tuning opportunities - Threat Hunting: Behavior-based detection using TTPs - Good understanding of malware, lateral movement, privilege escalation, and exfiltration patterns - Threat Intel Integration: Automation of IOC lookups and enrichment flows - Forensic Skills: Live host forensics, log correlation, malware behavioral analysis - Good experience in advanced threat detection and incident response - Proficiency in Sentinal One forensic and incident response capabilities - Playbook Development/Updation: Able to define, update, and optimize IR playbooks and workflows - Forensic analysis (memory, file systems, logs) - Cloud incident handling (AWS, Azure) - Dashboarding: Advanced visualizations and business-focused metrics in Splunk - Certifications: Splunk Certified Admin/ES Admin, SC-200, Sentinal One EDR vendor training - Sentinal One: Custom detections, forensic triage, threat graphs - Splunk SIEM (core + ES module): Searching Logs, Monitoring and investigating alerts. Additional Information: - The candidate should have minimum 2+ years in SOC/IR . - Experience in 24x7 environments, shift-based operations, or critical infrastructure response - This position is based at our Hyderabad office. - A 15 years full time education is required. - Bachelors in IT/Cybersecurity + advanced certifications (CISSP), Splunk Certified Admin/ES admin, EDR Certification (like Sentinal One) etc.

15 years full time education

About Accenture

Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.

Visit us at www.accenture.com 

Equal Employment Opportunity Statement

We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.