Apply on Employer Site

Accenture Federal Services · 6 hours ago

SIEM/SOAR Administrator/Assessor Associate Director

St. Louis, MO

Full-time

Onsite

Mid, Senior Level, Lead/Staff

$186K/yr - $361K/yr

5+ years exp

Accenture Federal Services is dedicated to helping the US federal government enhance national security and public safety. The SIEM/SOAR Administrator Associate Director is responsible for managing and optimizing SIEM and SOAR systems, conducting assessments, and recommending improvements to enhance security operations.

ConsultingFinanceInformation TechnologyManagement ConsultingOnline PortalsProfessional Services

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Configure, maintain, and optimize SIEM and SOAR platforms

Develop and implement use cases, correlation rules, and playbooks

Troubleshoot and manage issues related to data collection, analysis, and reporting

Assess the existing and to be state of the NOC and SOC operating environment

Conduct gap analysis to identify areas for improvement in current toolset

Integrate SIEM/SOAR systems with other security and network tools

Ensure proper data flow and communication between different security systems

Troubleshoot integration issues and work with vendors to resolve problems

Create and maintain dashboards for real-time visibility into security events

Review and assess existing security business processes

Identify inefficiencies, redundancies, or gaps in current processes

Recommend process improvements to enhance security operations

Ensure SIEM/SOAR configurations meet compliance requirements

Prepare documentation and evidence for security audits

Assist in developing and maintaining policies and procedures related to SIEM/SOAR usage

Provide technical support during security incidents

Work closely with NOC, SOC, and other IT teams to align SIEM/SOAR capabilities with operational needs

Participate in cross-functional projects related to security improvements

Qualification

SIEM/SOAR platformsCybersecurity operationsData analysisScripting languagesCompliance knowledgeAnalytical skillsProcess improvementCommunication skillsCollaboration skillsDocumentation skillsProblem-solving skills

Required

Bachelors degree

5-10 years of experience in cybersecurity operations, security tools administration, or a related field

Hands-on experience with SIEM/SOAR platforms (e.g., Splunk, QRadar, LogRhythm, ArcSight, Sentinel, Cortex XSOAR, or others)

Experience in configuring and optimizing use cases, correlation rules, and playbooks

Proficiency in troubleshooting and managing issues related to data collection, analysis, and reporting

Strong understanding of security and network protocols, data flow, and integration of security tools

Familiarity with scripting and automation languages (e.g., Python, PowerShell) for creating custom scripts and integrations

Knowledge of compliance requirements and best practices for SIEM/SOAR configurations

Ability to conduct gap analysis to identify areas for improvement in the NOC and SOC operating environments

Strong analytical and problem-solving skills to assess and enhance security processes

Strong ability to document and prepare evidence for security audits

Excellent communication skills to work effectively with NOC, SOC, and cross-functional IT teams

Ability to translate technical findings into actionable recommendations for non-technical stakeholders

US Citizenship Required

The ability to obtain and maintain a Secret clearance

Preferred

Knowledge of compliance frameworks such as NIST, ISO 27001, or others

Familiarity with dashboard creation and real-time monitoring for security events

Proven track record of process improvement and driving efficiency in security operations

Relevant certifications such as CISSP, CISM, CEH, GIAC, or SIEM/SOAR-specific certifications (e.g., Splunk, QRadar, Palo Alto Cortex XSOAR certifications)