Security Consulting Lead

Security Consulting Lead

Project Role : Security Consulting Lead
Project Role Description : Lead the effort and teams to enable development and implementation of proprietary and innovative security solutions. Assess, manage and ensure compliance to risk reducing behaviors and processes.
Must have skills : Splunk
Good to have skills : NA
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education

Main Skill: 1. Splunk or Microsoft Sentinel or Google Chronicle Use Case Management 2. Risk Based Alerts and Risk Incidents 3. Asset and Identities 4. Security Incident Response, Standard Operations Procedure Knowledge Must have Skills: 1. Development, Testing and Fine Tuning of Splunk content like Use Cases, Dashboards, Reports, Lookups, Macros, etc. 2. Risk Based Alerts and Risk Incidents 3. Asset and Identities Framework in Splunk 4. Incident Response, Standard Operations Procedure Knowledge 5. MITRE Attack Framework Good to Have Skills: 1. Splunk Architecture Cloud, Microsoft Sentinel, Google Chronicle 2. Source Integrations various sources 3. Event Parsing, Event Type definition, Data Model, Regex 4. Custom integrations for enrichment, Threat Intelligence Feeds, SOAR 5. Azure DevOps Roles & Responsibilities: 1. Architecture and strategy: Candidate must have ability to understand and implement use cases on security tools (Splunk, Phantom) to improve Accenture’s overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. It also includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accenture´s Security environments. 2. Leadership: Candidate must have ability to lead and influence cross-functional teams. It includes the ability to communicate effectively with stakeholders, build consensus, and manage conflict. 3. Technical: The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting, or complex rule creations, managing, and implementing broad security concepts. 4. Operational: Candidate must have ability to develop and implement security controls, as well as the ability to monitor and analyze security events and incidents. Technical Experience: 1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle 2. Azure DevOps 3. Custom Tools Development 4. Security Incident Management Professional Experience: 1. At least 5-7 years of experience on IT Security / SOC / Cyber Defense 2. Graduation – BE 3. Proficient use of English, advanced communication skills. 4. Security Certifications are a plus - CCSK, GPEN, GCCC, GMOB, GSEC, ESCA, Security +, CEH Role Description: • Support SIEM detection content creation for notables with a focus on Risk Based Alerting. • Create and maintain documentation on new or existing detections, integrations, and dependencies. • Interface with our SOC to pilot new content, process feedback, update incident response guidelines. • Engage in fine-tuning of existing detections to increase signal/noise ratio and reduce false positives.