Accenture Lead/ Incident Response Investigator in Singapore, Singapore
Accenture is a global professional services company with leading capabilities in digital, cloud and security. Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Interactive, Technology and Operations services—all powered by the world’s largest network of Advanced Technology and Intelligent Operations centres. Our 506,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. We embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities. Visit us at www.accenture.com.
Our Cyber Investigation and Forensic Response (CIFR) practice is rapidly growing, and we are hiring mid to very senior level incident response and threat hunting professionals to work with our F500 enterprise customers. With our recent acquisitions we continue to enhance our incident response, threat hunting, forensics, threat intelligence, and purple teaming capabilities.
With Accenture Security, you will be part of a specialized team to respond to some of the largest and most complex data breaches around the world, as well as conduct cyber threat hunting in some of the most complex business environments, leveraging a variety of tools and techniques. You will work in a fast paced and highly collaborative environment along with a diverse team of talent, in support of one mission – providing expert incident response services to Accenture customers
· Lead end-to-end incident response investigations with Accenture’s customers
· Identify and investigate intrusions to determine the cause and extent of the breach, by leveraging EDR solutions and threat intelligence sources
· Conduct host forensics, network forensics, log analysis, and malware analysis in support of incident response investigations
· Conduct threat hunting across customer’s networks with indicators of compromise, hunting for evidence of a compromise
· Conduct incident response within various Cloud platforms
· Identify attacker tools, tactics, and procedures to develop indicators of compromise · Develop and implement remediation plans in conjunction with incident response · Form and articulate expert opinions based on findings and analysis · Produce comprehensive and accurate oral and written reports and presentations for both technical and executive audiences · Effectively communicate and interface with customers, both technically and strategically from the executive level, to customers stakeholders and legal counsel · Support leadership in properly scoping engagements with innovative methodical approaches, based on customer requirements · Lead engagement delivery from kickoff through remediation, either on premises or remote, depending on customer requirements · On-site, customer travel will be required for this position, with the requirement to travel up to 50%
Expert knowledge of forensic file system and memory techniques and use of the most commonly used toolsets, such as EnCase and FTK Suite
Deep technical knowledge of methods utilized for evidence collection, maintenance of chain of custody and associated documentation, evidence storage and analysis, and evidentiary reporting Experience with IDA Pro, OllyDbg, other disassemblers/ debuggers Thorough understanding of cyber security operations, security monitoring, EDR and SIEM tools, to include Endgame, Falcon, and Splunk Detailed knowledge of Windows & Unix based operating systems and administrative tools Windows disk and memory forensics Unix or Linux disk and memory forensics Static and dynamic malware analysis Network traffic and protocol analysis utilizing tools such as Wireshark Applied knowledge of security controls such as authentication and identity management, security enhanced network architectures and application based controls (including Windows, Unix, and network equipment)
Excellent time management, writing and communication skills Strong analytic, qualitative, and quantitative reasoning skills
Nice Skills to Have
Bachelor's Degree in Computer Engineering, Computer Science, Cyber Security, Information Security or related disciplines Security certifications: CISSP, SANS GIAC (GREM, GCFA, GCIH), OSCP Minimum 5 years of comparable experience You will also have opportunities to hone your functional skills and expertise in an area of specialization. We offer a variety of formal and informal training programs at every level to help you acquire and build specialized skills faster. Learning takes place both on the job and through formal training conducted online, in the classroom, or in collaboration with teammates. The sheer variety of work we do, and the experience it offers, provide an unbeatable platform from which to build a career.
Accenture is an equal opportunities employer and welcomes applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law.
- Accenture Jobs