Detection Engineer

Accenture Federal Services•Arlington, VA

About The Position

At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the limitless potential of technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations. Join Accenture Federal Services, a technology company within global Accenture. Recognized as a Glassdoor Top 100 Best Place to Work, we offer a collaborative and caring community where you feel like you belong and are empowered to grow, learn and thrive through hands-on experience, certifications, industry training and more. Join us to drive positive, lasting change that moves missions and the government forward! The Detection Engineer will work on the Cyber Incident Response Team (CIRT) within the Information Security organization.

Requirements

U.S. Citizenship required
Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience)
6 + years experience in information security or equivalent combination of education and work experience
2+ years experience performing event and log analysis across enterprise security tools (AV, IDS/IPS, Firewalls, Active Directory, Web Proxies, DLP, SIEM)
Hands-on experience with: Microsoft Sentinel & KQL (minimum 1 year) Cisco FirePower and IDS/IPS configuration (minimum 1 year) SIEM platforms (Sentinel preferred) Detection engineering: designing and tuning signatures for IoCs and IoAs Packet and malware analysis using tools like Wireshark Git and GitHub for detection code version control and collaborative workflows Scripting and parsing (regex, PowerShell, Python, grep, sed, awk) TCP/IP, application layer protocols, and Windows/Linux internals MITRE ATT&CK framework for detection mapping

Nice To Haves

Threat hunting and automation experience
Familiarity with cloud security monitoring (Azure, AWS)
Certifications such as GIAC GCIA, GCED, or Microsoft Security Operations Analyst Associate

Responsibilities

Design, engineer, and implement security detection initiatives under the cybersecurity team lead.
Develop new detection logic for SIEM (Microsoft Sentinel) and network security platforms (Cisco FirePower, IDS/IPS), incorporating AI-driven tooling where applicable.
Write and optimize KQL queries for Sentinel to improve detection fidelity and reduce false positives.
Tune detection sets to raise security-relevant events for triage and response teams.
Maintain version control of detection logic using Git and GitHub workflows for collaborative development and auditability.
Bridge the gap between network engineering and cybersecurity teams to advocate for secure network designs and maximize security device capabilities.
Conduct technical briefings to enhance team awareness of network architecture and detection strategies.
Collaborate with operations and management to recommend improvements to security posture and ensure compliance with industry and federal standards (e.g., NIST, CISA).

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume