TO34 Incident Response and Forensics Lead
Washington, DC
Accenture Federal Services
Accenture hilft mit innovativen Lösungen und umfassender Branchenexpertise die Herausforderungen der digitalen Ära zu meistern. Erfahren Sie mehr!We are:
Accenture Federal Services, a wholly owned subsidiary of Accenture LLP, is a U.S. company with offices in Arlington, VA, San Antonio, TX, and St. Louis, MO. Accenture's federal business has served every cabinet-level department and 30 of the largest federal organizations. Accenture Federal Services transforms bold ideas into breakthrough outcomes for clients at defense, intelligence, public safety, civilian and military health organizations.
We believe that great outcomes are everything. It’s what drives us to turn bold ideas into breakthrough solutions. By combining digital technologies with what works across the world’s leading businesses, we use agile approaches to help clients solve their toughest problems fast—the first time. So, you can deliver what matters most.
Count on us to help you embrace new ways of working, building for change and put customers at the core. A wholly owned subsidiary of Accenture, we bring over 30 years of experience serving the federal government, including every cabinet-level department. Our 9,000 dedicated colleagues and change makers work with our clients at the heart of the nation’s priorities in defense, intel, public safety, health and civilian to help you make a difference for the people you employ, serve and protect.
The Work:
This is a hands-on role, responsible for managing a team and performing investigations, analysis, and responses to cyber incidents. This person must be able to work on-site. This role provides technical support in areas of cyber security to include cloud security, endpoint security, access management, secure networking, and incident response. Responsibilities include but are not limited to: Manage day to day operations of the team. Perform briefings, direct coordination with the customer, develop responses to incidents to upper Federal Leadership. Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise. Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents. Coordinate incident response functions. Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response.
Here's what you need:
- 7+ years of relevant Cybersecurity work experience.
- Experience with NIST compliance.
- Experience in intrusion detection methodologies and techniques for detecting host and network-based intrusions, cyber defense and information security policies, procedures, and regulations.
- Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters), performing damage assessments, securing network communications, and using security event correlation tools.
- Experience with incident categories, incident responses, and timelines for responses and handling methodologies.
- Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state-sponsored, and nation sponsored) and of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Knowledge of malware analysis concepts and methodologies and skills to identify, capture, contain and report malware.
- Knowledge of cloud service models and how those models can limit incident response.
- Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
- Knowledge of system administration, network, and operating system hardening techniques.
- Experience recognizing and categorizing system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
- Excellent written and verbal skills.
Bonus points if you have:
- At least one current recognized security professional certification
- Experience with EnCase Enterprise toolsets
- Experience with CrowdStrike or similar endpoint detection & response tools
- Experience with Cellebrite UFED toolsets
- Experience with cloud service providers, such as Microsoft AWS and Azure
- Experience with cloud containers
US Citizens with TS clearance required.
As required by local law, Accenture Federal Services provides reasonable ranges of compensation for hired roles based on labor costs in the states of California, Colorado, Hawaii, New York, Washington, and the District of Columbia. The base pay range for this position in these locations is shown below. Compensation for roles at Accenture Federal Services varies depending on a wide array of factors, including but not limited to office location, role, skill set and level of experience. Accenture Federal Services offers a wide variety of benefits. You can find more information on benefits here. We accept applications on an on-going basis and there is no fixed deadline to apply.
The pay range for the states of California, Colorado, Hawaii, New York, Washington, and the District of Columbia is:$97,300—$234,900 USD What We Believe We have an unwavering commitment to diversity with the aim that every one of our people has a full sense of belonging within our organization. As a business imperative, every person at Accenture Federal Services has the responsibility to create and sustain an inclusive environment. Inclusion and diversity are fundamental to our culture and core values. Our rich diversity makes us more innovative and more creative, which helps us better serve our clients and our communities. Read more here Equal Employment Opportunity Statement Accenture Federal Services is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion or sexual orientation. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Accenture is committed to providing veteran employment opportunities to our service men and women. For details, view a copy of the Accenture Equal Opportunity and Affirmative Action Policy Statement. Requesting An Accommodation Accenture Federal Services is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture Federal Services and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired. If you are being considered for employment opportunities with Accenture Federal Services and need an accommodation for a disability or religious observance during the interview process or for the job you are interviewing for, please speak with your recruiter. Other Employment Statements Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States. Candidates who are currently employed by a client of Accenture Federal Services or an affiliated Accenture business may not be eligible for consideration. Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process. The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information.
Tags: Agile Application security AWS Azure C Clearance Clearance Required Cloud Compliance CrowdStrike Cyber defense DNS EnCase Endpoint security Forensics Incident response Intrusion detection Malware NIST Scripting SQL TCP/IP Vulnerabilities XSS
Perks/benefits: Career development Health care Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs