141 applicants

This job has closed.

Company

Accenture Federal Services · 21 hours ago

Cybersecurity Incident Response Analyst

Arlington, VA

Full-time

Remote

Entry Level

$54K/yr - $116K/yr

1+ years exp

Maximize your interview chances

ConsultingFinance

Actively Hiring

No H1B

U.S. Citizen Only

Insider Connection @Accenture Federal Services

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Actively monitor and respond to cybersecurity incidents related to alerted policy violations

Analyze and investigate incidents to determine their nature and scope.

Coordinate with the lead and other Cybersecurity Incident Response Teams for effective incident resolution.

Document incidents and response activities in detail.

Stay updated with the latest cybersecurity threats and trends.

Assist in developing and refining incident response strategies and procedures.

Collaborate with operations teams, legal, human resources and management to investigate security issues and interview investigation subjects to determine true and false positives.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Incident response lifecycleEventLog analysisSecurity InformationEvent Management (SIEM)Cybersecurity threats knowledgeData loss prevention toolsAnti-VirusIntrusion Detection SystemsFirewallsActive DirectoryWeb ProxiesTCP/IPPacket analysisWindows architectureLinux architectureCISSPSANs GIAC CertificationsData parsing toolsMalware analysis conceptsIndicators of attackSoft skills

Required

US Citizenship required

Excellent communication skills (written and verbal) and knowledge in incident response lifecycles, common cyber-attacks, insider-threat indicators and warnings, data loss prevention and detection mechanisms, and federal incident reporting requirements.

1-2 years’ experience in information security, or other equivalent combination of education or equivalent work experience.

1-year(s) of experience performing event and log analysis including one or more of the following: Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Data loss prevention tools and other security tools found in large enterprise network environments; along with experience working with Security Information and Event Management (SIEM) solutions.

Familiarity with TCP/IP, common application layer protocols, and packet analysis of the same.

Preferred

SANs GIAC Certifications including but not limited to GCED, GCLD, GCIH, GCFA, GREM; CISSP

Experience presenting complex technical information to decision makers and leading them through the decision-making process

Work independently to deliver timely solutions without direct supervision

Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.

Familiarity with static and dynamic malware analysis concepts.

Experience with indicators of attack and compromise.

Familiarity with Windows / Linux architecture and endpoint analysis of the same.

Familiarity with basic data parsing and analysis tools, i.e., Excel, grep, sed, awk, regex, etc.