AI

Security Architect

Accepting applications

Accenture in India · Hyderabad, Telangana, India

Full-Time Mid_senior SOC
Estimated market salary
₹40-71 LPA

This is a SiliconBoard market estimate, not an employer-posted salary.

Posted
5d ago
Category
Design
Experience
Mid_senior
Country
India
Project Role : Security Architect

Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills : Security Information and Event Management (SIEM)

Good to have skills : NA

Minimum 3 Year(s) Of Experience Is Required

Educational Qualification : 15 years full time education

Summary:

As a Level 2 SOC Analyst, your role involves deeper investigation of security alerts and confirmed incidents. You will validate escalated events using Sentinal One and Splunk SIEM, enrich them with context, and work closely with L3 analysts to assist in containment and timely remediation. You will also assist in improving detection fidelity and supporting SOAR automation. This role requires deep expertise in detection, investigation, containment, and remediation, as well as collaboration with multiple teams across security, IT, and compliance.

Roles & Responsibilities:

Alert Triage & Investigation: Experience investigating escalated alerts using SIEM or EDR
Incident Response and Containment: Take necessary actions to contain, eradicate and recover from security incidents.
Identify opportunities for automation and work with SIEM Platform Support team for implementing it.
EDR Deep Dive: Using Real Time Response (RTR), Threat Graph, custom IOA rules
Proficiency in writing SPL queries, dashboards and providing fine tuning opportunities
Threat Hunting: Behavior-based detection using TTPs
Good understanding of malware, lateral movement, privilege escalation, and exfiltration patterns
Threat Intel Integration: Automation of IOC lookups and enrichment flows
Forensic Skills: Live host forensics, log correlation, malware behavioral analysis
Good experience in advanced threat detection and incident response
Proficiency in Sentinal One forensic and incident response capabilities
Playbook Development/Updation: Able to define, update, and optimize IR playbooks and workflows
Forensic analysis (memory, file systems, logs)
Cloud incident handling (AWS, Azure)
Dashboarding: Advanced visualizations and business-focused metrics in Splunk
Certifications: Splunk Certified Admin/ES Admin, SC-200, Sentinal One EDR vendor training


Professional & Technical Skills:

Investigate alerts escalated by L1 to determine scope, impact, and root cause
Perform in-depth endpoint and network triage using Sentinel One
Use Sentinel One to perform endpoint analysis and threat validation
Correlate multiple log sources in Splunk to trace attacker activity
Execute or verify SOAR playbooks for containment actions (isolate host, disable user)
Enrich events with asset, identity, and threat intelligence context
Document investigation workflows, evidence, and final conclusions
Support L3 during major incidents by performing log or memory triage
Suggest improvements in alert logic or SOAR workflow to reduce false positives
Conduct threat research aligned to alert patterns and business context
Enhance alert fidelity with threat intel and historical context
Document investigation findings and communicate with stakeholders
Sentinal One: Custom detections, forensic triage, threat graphs
Splunk SIEM (core + ES module): Searching Logs, Monitoring and investigating alerts.


Additional Information:

The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).
This position is based at our Hyderabad office.
A 15 years full time education is required., 15 years full time education
Show more Show less