Cybersecurity Incident Response Triage Analyst

Accenture Federal Services•Arlington, VA

About The Position

At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the limitless potential of technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations. Join Accenture Federal Services, a technology company within global Accenture. Recognized as a Glassdoor Top 100 Best Place to Work, we offer a collaborative and caring community where you feel like you belong and are empowered to grow, learn and thrive through hands-on experience, certifications, industry training and more. Join us to drive positive, lasting change that moves missions and the government forward! The Cybersecurity Incident Response Junior Analyst and Triage Analyst role will work in the CIRT team in the CISO organization. This role works on a shift under the analysis and triage team lead to relate, scope, and triage alerts and notifications from the SIEM, security sensors, ticketing system, walk-ins, and phone calls. Requires technical understanding to collaborate with the incident response and operations teams to qualify events as relevant and determine true and false positives. Knowledge in incident response lifecycles, common cyber-attacks, and federal incident reporting requirements.

Requirements

US Citizenship required
1 - 2 years of experience in information security, or other equivalent combination of education or equivalent work experience.
1-year of experience performing event and log analysis including one or more of the following: Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Data loss prevention tools and other security tools found in large enterprise network environments; along with experience working with Security Information and Event Management (SIEM) solutions.
Excellent written and oral communication skills, attention to detail, and interpersonal skills.
Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.
Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.
Familiarity with TCP/IP, common application layer protocols, and packet analysis of the same.
Familiarity with static and dynamic malware analysis concepts.
Experience with indicators of attack and compromise.
Familiarity with Windows / Linux architecture and endpoint analysis of the same.
Familiarity with basic data parsing and analysis tools, i.e., Excel, grep, sed, awk, regex, etc

Nice To Haves

SANs GIAC Certifications including but not limited to GCED, GCLD, GCIH, GCFA, GREM

Responsibilities

Actively monitor and respond to cybersecurity incidents related to alerted policy violations
Analyze and investigate incidents to determine their nature and scope.
Coordinate with the lead and other Cybersecurity Incident Response Teams for effective incident resolution.
Document incidents and response activities in detail.
Stay updated with the latest cybersecurity threats and trends.
Assist in developing and refining incident response strategies and procedures.
Collaborate with operations teams, legal, human resources and management to investigate security issues and interview investigation subjects to determine true and false positives.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume