Security Architect

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Information and Event Management (SIEM) Operations
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary: As a Level 2 SOC Analyst, your role involves deeper investigation of security alerts and confirmed incidents. You will validate escalated events using Sumo Logic and CrowdStrike Falcon, enrich them with context, and work closely with L3 analysts to assist in containment and timely remediation. You will also assist in improving detection fidelity and supporting SOAR automation. Roles & Responsibilities: • -Intermediate Sumo Logic SIEM query and dashboarding skills -Alert Triage & Investigation: Experience investigating escalated alerts using SIEM or EDR -Hands-on experience with CrowdStrike EDR investigations -Incident Response and Containment: Take necessary actions to contain, eradicate and recover from security incidents. -Malware Analysis: Perform malware analysis using the sandboxing tools like CS etc. -SOAR Execution: Running and modifying basic playbooks in Sumo Logic SOAR -Incident Reporting and Documentation: Strong reporting skills with accurate detail capture to provide the RCA for the true positive security incidents with detailed documentation. -Communication & Collaboration: Send emails to request information, provide updates, and coordinate with different teams to ensure tasks are completed efficiently. -MITRE ATT&CK Mapping: Ability to classify incidents with tactics/techniques -Alert fine tuning recommendations to reduce false positive noise -Investigate alerts escalated by L1 to determine scope, impact, and root cause -Perform in-depth endpoint and network triage using CrowdStrike -Use CrowdStrike Falcon to perform endpoint analysis and threat validation -Correlate multiple log sources in Sumo Logic to trace attacker activity -Execute or verify SOAR playbooks for containment actions (isolate host, disable user) -Enrich events with asset, identity, and threat intelligence context -Document investigation workflows, evidence, and final conclusions -Support L3 during major incidents by performing log or memory triage -Suggest improvements in alert logic or SOAR workflow to reduce false positives -Conduct threat research aligned to alert patterns and business context -Enhance alert fidelity with threat intel and historical context -Document investigation findings and communicate with stakeholders Professional & Technical Skills: -Exposure to threat hunting techniques -Scripting to assist SOAR playbook tuning -Triage Automation: Ability to identify playbook gaps and recommend improvements -Cloud Security Basics: Awareness of log patterns from AWS/Azure -Log Analysis: Correlation and trend identification in Sumo Logic -Certifications: SC-200, CySA+, ECSA or relevant advanced certification -SIEM: Advanced queries, dashboards, correlation logic -SOAR: Execute and troubleshoot playbooks -Tools: CrowdStrike (RTR, detections, indicators), Sumo Logic SIEM -Threat Analysis: IOC enrichment, TTP identification -Primary Skill: Incident Investigation and Enrichment Additional Information: - The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM) Operations. - This position is based at our Bengaluru office. - A 15 years full time education is required.

15 years full time education

About Accenture

We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.At Accenture, we see well-being holistically, supporting our people’s physical, mental, and financial health. We also provide opportunities to keep skills relevant through certifications, learning, and diverse work experiences. We’re proud to be consistently recognized as one of the World’s Best Workplaces™.Join Accenture to work at the heart of change.

Visit us at www.accenture.com 

Equal Employment Opportunity Statement

All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.

Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.

Accenture is committed to providing veteran employment opportunities to our service men and women.