Security Operations Center (SOC) - L2 | Ilocos

Ready to join Accenture’s team of empowered people? We’re looking for candidates with the following skills and experience for this role. Do you fit the profile? If you do, we’d love to hear from you!

The SOC Level 2 Analyst is responsible for conducting in-depth investigations, root-cause analysis, and responding to complex security incidents escalated by Intrusion Analysts. This role includes validating and analyzing security logs, providing expert guidance and mentorship, and collaborating closely with IT, security teams, and Content Engineers to improve and fine-tune detection use-cases.

Job Responsibilities:

• Continuously monitor and analyze security alerts and events from SIEM, IDS/IPS, firewalls, and endpoint protection platforms, providing 9x5 support with on-call availability as needed
• Perform deep-dive investigations of escalated incidents, determining root cause, impact, and appropriate response. Own the end-to-end resolution process and escalate to Level 3 analysts when required
• For validated high or critical incidents, initiates the Major Incident Management process, engage CSIRT and/or external incident response teams, and act as the Singe Point of Contact (SPOC) during the initial response phase
• Conduct basic retroactive threat hunting using an Indicator of Compromise (IoC) driven approach to proactively identify potential threats
• Work closely with engineering teams to request case updates, whitelisting, and resolve parsing issues. Escalate complex or unresolved issues promptly
• Supervise and mentor Intrusion Analysts, conduct quality assurance (QA) reviews of incidents they handle, and guide them on best practices
• Maintain clear, concise documentation of incidents, findings, and response actions. Ensure accurate shift handovers and update playbooks, SOPs, and reaction plans regularly
• Provide recommendations for enhancing detection logic, SOC processes, and tools. Support the tuning and creation of detection rules and use cases in collaboration with Content Engineers
• Generate ad-hoc reports based on client or management requests and ensure effective communication with relevant stakeholders throughout the incident lifecycl

Job Qualifications:

• Candidates should hold a degree in a relevant field and have at least 2 years of experience in a SOC or similar security environment
• They must understand core network protocols and security technologies and be skilled in using SIEM tools for threat detection
• Proficiency in analyzing network traffic and logs to detect and investigate signs of compromise is required
• Understanding of authentication, authorization, and access control methods is essential
• Candidates should be able to identify, contain, and report malware related incidents
• Strong skills in conducting deep incident investigations and determining root cause are necessary
• Should be able to categorize incidents and respond effectively within defined timelines
• Ability to perform trend and behavioral analysis to detect emerging threats is a key requirement
• Understanding of attack techniques, threat vectors, and cryptography fundamentals is important
• They must work well with internal teams to coordinate responses and improve detection and response processes
• A sharp analytical mindset and the ability to remain calm under pressure are crucial for effective incident response
• Must be willing to work on a shifting schedule at San Nicolas, Valdez Center Building with hybrid work set up