Job Description
Ready to lead with purpose? Join Accenture's world-class Security Operations team as a Security Operations (SIEM) Lead and drive innovation in cybersecurity managed services. Based in Cebu, you will spearhead the design, implementation, and continuous improvement of SIEM solutions that protect global clients from evolving threats. This is an opportunity to combine technical expertise with leadership, mentoring a team of skilled analysts while collaborating with cross-functional teams to deliver proactive security operations.
As a trusted advisor, you will shape security strategies, optimize detection capabilities, and ensure rapid incident response. At Accenture, we foster a culture of inclusion, continuous learning, and digital transformation—empowering you to make a tangible impact on business resilience. If you are passionate about cybersecurity and ready to amplify your career, join us and be part of a team that sets the standard for managed security services.
Responsibilities
- Lead and mentor a team of security analysts in 24/7 monitoring, threat detection, and incident response using SIEM platforms (Splunk, QRadar, ArcSight).
- Design, configure, and optimize SIEM use cases, correlation rules, and dashboards to enhance threat visibility and reduce false positives.
- Oversee the investigation and triage of security alerts, ensuring timely and accurate resolution across managed client environments.
- Collaborate with clients to understand their security requirements and tailor managed services to meet SLAs and compliance standards.
- Drive continuous improvement by refining SOC processes, playbooks, and automation to increase operational efficiency.
- Conduct regular threat hunting and proactive analysis to identify advanced persistent threats and emerging attack patterns.
- Provide technical guidance during security incidents and lead post-incident reviews to extract actionable lessons.
- Stay current with cybersecurity trends, adversary tactics, and SIEM innovations, translating insights into enhanced detection strategies.
Qualifications
- 4+ years of experience in cybersecurity operations with a focus on SIEM technologies (Splunk, QRadar, or ArcSight).
- 2+ years of leadership experience managing or mentoring a security operations team.
- Strong understanding of cyber threats, attack frameworks (MITRE ATT&CK), and the incident response lifecycle.
- Hands-on experience with log analysis, network security, endpoint detection, and cloud security.
- Proficiency in developing correlation rules, alerts, and custom SIEM content.
- Excellent communication and stakeholder management skills, with a client-centric mindset.
- Relevant certifications (e.g., CISSP, CEH, Splunk Power User, GIAC) are highly valued.
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).