Project Role : Security Delivery Lead
Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets).
Must have skills : Security Information and Event Management (SIEM)
Good to have skills : NA
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary:
The SOAR/SIEM Engineer will be responsible for designing, implementing, optimizing, and maintaining security monitoring and automation capabilities across the organization. The role requires deep technical expertise in SIEM architecture, log onboarding, use case creation, and SOAR automation workflows to improve the efficiency and effectiveness of the SOC.
Roles & Responsibilities:
- Design, deploy, configure, and maintain SIEM platforms (e.g., Splunk).
- Onboard and normalize log sources across applications, infrastructure, cloud, network, and security tools.
- Develop advanced correlation rules, detections, dashboards, threat models, and reports.
- Perform SIEM health monitoring, performance tuning, capacity planning, and patch/upgrade activities.
- Ensure data quality, parsing accuracy, and optimal log ingestion strategies.
- Design and build automation playbooks using SOAR platforms (e.g., Tines).
- Integrate SOAR with SIEM, EDR, NDR, threat intel platforms, ticketing tools, and email gateways.
- Automate repetitive SOC tasks such as enrichment, triage, containment, notifications, and ticketing.
- Maintain and optimize playbooks for reliability, performance, and security.
- Conduct testing, versioning, and documentation for all automation workflows.
- Translate threat intelligence, MITRE ATT&CK mapping, and risk scenarios into actionable use cases.
- Design detection logic leveraging logs, network data, endpoint telemetry, and user behavior analytics.
- Conduct periodic detection tuning and false positive reduction.
- Support threat hunting and purple team exercises by validating detection coverage.
- Work closely with SOC Analysts to understand requirements and improve detection and response processes.
- Assist during incident investigations with log analysis and technical guidance.
- Provide escalation support for SIEM/SOAR-related issues.
- Create and maintain technical documentation, SOPs, playbooks, and architecture diagrams.
- Ensure compliance with internal and external cybersecurity standards and audit requirements.
- Provide regular reports on engineering activities, automation outcomes, and detection metrics.
Professional & Technical Skills:
- Hands-on experience with Splunk (SIEM) and Tines (SOAR)
- Must have: proficiency in scripting languages (Python, PowerShell, JavaScript, Bash) for automation.
- Strong understanding of security technologies: firewalls, proxies, EDR, NDR, IAM, cloud security tools.
- Experience with incident response and threat management processes.
- Familiarity with security monitoring tools and technologies.
- Ability to analyze security events and provide actionable insights.
- Knowledge of cloud environments (AWS, Azure, GCP) and their logging frameworks.
- Knowledge of log formats (CEF, JSON, Syslog), parsing, regex, and data normalization.
- Familiarity with MITRE ATT&CK, cyber kill chain, and detection engineering frameworks.
- Willingness to work 24x7 rotational shifts.
- Excellent communication skills to collaborate with SOC, IT, Cloud, and application teams.
- Ability to work independently on engineering tasks and solution development.
- Strong documentation and process discipline.
Additional Information:
- The candidate should have minimum 8 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
- Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field.
- Relevant certifications: Splunk Architect / Power User; Microsoft Sentinel or Azure Security certifications.
About Accenture
Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.
Visit us at www.accenture.com
Equal Employment Opportunity Statement
We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.