Threat Analyst

At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the limitless potential of technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations.   Join Accenture Federal Services to do the work you love in an inclusive, collaborative, and caring community, where you can be empowered to grow, learn and thrive through hands-on experience, certifications, industry training and more.   Join us to drive positive, lasting change that moves missions and the government forward!  

Job Description: 

AFS is seeking a Threat Analyst to perform rapid investigation and remediation of advanced attacks that require analysis and remediation, often escalated from the Triage Team. This Analyst will also directly monitor alerts for sensitive assets and known attacker campaigns. This role may include the need to work outside of core hours on high priority investigations and may also include on-call responsibilities.

The Work:

• Proactively Hunting for adversaries using proprietary & 3rd party tools
• Directly monitoring and investigating for sensitive asset compromise
• Recommending remediation or perform remediation steps outside of automated responses
• Reconciling technical details obtained from various sources of information during adverse events
• Determining impacted assets, endpoints, and users from attacks
• Conducting Incident Management, after-action reporting, and documentation
• Evaluating security risks and impact 

Here's what you need: 

• 4+ years of experience directly supporting Security Operations and/or Incident Response
• 2+ years working with and understanding of APT and associated tactics, attack frameworks, technology and security principles, and knowledge of the cyber threat landscape
• 2+ years experience in one or more of the following: Bash, Python, Kusto Query Language, RegEx
• 2+ years experience working with small expert teams in 8x5 or 24x7x365 environments

Bonus points if you have:

• Experienced with Splunk, HBSS, ACAS, Microsoft Security Products
• Incident Responder certification highly desired (GCFA, GCIH, CEH, SCYBER)
• Experience with DevSecOps pipelines supporting Security Operations
• Experience leading Incident Response teams
• Deep analytical thinking and information processing skills

Security Clearance:

• Must have an active TS/SCI security clearance

Compensation for roles at Accenture Federal Services varies depending on a wide array of factors including but not limited to the specific office location, role, skill set and level of experience. As required by local law, Accenture Federal Services provides a reasonable range of compensation for roles that may be hired in California, Colorado, New York, or Washington State as set forth below and information on benefits offered is here.   
 
Role Location: Range of Starting Pay for role:  
California: $122,600 - $234,900
Colorado: $122,600 - $202,900
New York: $113,500 - $234,900
Washington: $130,500 - $215,900

  What We Believe  We have an unwavering commitment to diversity with the aim that every one of our people has a full sense of belonging within our organization. As a business imperative, every person at Accenture Federal Services has the responsibility to create and sustain an inclusive environment.   Inclusion and diversity are fundamental to our culture and core values. Our rich diversity makes us more innovative and more creative, which helps us better serve our clients and our communities. Read more here   Equal Employment Opportunity Statement Accenture Federal Services is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion or sexual orientation.    All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.   Accenture is committed to providing veteran employment opportunities to our service men and women.    For details, view a copy of the Accenture Equal Opportunity and Affirmative Action Policy Statement.   Requesting An Accommodation  Accenture Federal Services is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture Federal Services and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.   If you are being considered for employment opportunities with Accenture Federal Services and need an accommodation for a disability or religious observance during the interview process or for the job you are interviewing for, please speak with your recruiter.   Other Employment Statements  Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States.   Candidates who are currently employed by a client of Accenture Federal Services or an affiliated Accenture business may not be eligible for consideration.   Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.   The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information.