Security Operations Center Specialist

We Are
Accenture Security helps organizations prepare, protect, detect, respond, and recover along all points of the security lifecycle. Cybersecurity challenges are different for every business in every industry. Leveraging our global resources and advanced technologies, we create integrated, turnkey solutions tailored to our clients’ needs across their entire value chain. Whether we’re defending against known cyberattacks, detecting and responding to the unknown, or running an entire security operations center, we will help companies build cyber resilience to grow with confidence. Our team of the security sector’s brightest people use the coolest tech to out-hack the hackers and help clients build resilience from within. We blend risk strategy, digital identity, cyber defense, application security and managed service solutions to rethink the entire security lifecycle.

You Are:
Passionate about security, love what you do and have a genuine desire to outsmart the bad guys. You have the experience to analyze a clients’ security posture, anticipate security requirements and help find right-sized solutions based on industry leading practices. You have a proven track record working successfully in a fast-paced, team-oriented environment. You’re a creative, analytical problem solver with above average documentation skills who can speak to both technical and non-technical audiences. Can apply deep security skills to design, build and protect enterprise systems, applications, data, assets and people for Accenture and our clients. You are eager to put your skills to use by helping us help our clients inject security at every level of their organization.

Key Responsibilities
Threat Detection & Response
• Monitor, analyze, and investigate alerts from Microsoft Sentinel and the Defender Suite (for Endpoint, Cloud, Office 365, Identity).
• Execute triage, containment, eradication, and recovery activities for security incidents.
• Apply the MITRE ATT&CK framework to classify and track adversary TTPs.
• Perform forensic analysis and root-cause investigations on compromised assets.
Threat Hunting & Analytics
• Conduct proactive threat hunting using Kusto Query Language (KQL) to identify anomalies and emerging IOCs.
• Develop and fine-tune analytic rules, workbooks, and hunting queries within Microsoft Sentinel.
• Leverage Copilot for Security to streamline investigations, reporting, and post-incident reviews.
Automation & Engineering
• Build, deploy, and maintain SOAR playbooks using Logic Apps for automated response workflows.
• Onboard and normalize new log sources across on-prem and cloud environments.
• Continuously tune detection logic to reduce false positives and enhance signal fidelity.
• Integrate with ServiceNow SecOps SIR for case management, escalation, and incident lifecycle tracking.
Operational Excellence
• Maintain SOC tool health, data retention, and asset classification.
• Produce detailed incident reports, executive summaries, and SOC dashboards aligned with KPIs and SLAs.
• Participate in knowledge sharing, process optimization, and development of new SOPs.
• Provide guidance to Level 1 analysts and contribute to peer mentoring and continuous improvement initiatives.