SIEM​/SOAR Administrator​/Assessor Associate Director

At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the limitless potential of technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations.

Join Accenture Federal Services, a technology company and part of global Accenture, to do work that matters in a collaborative and caring community, where you feel like you belong and are empowered to grow, learn and thrive through hands-on experience, certifications, industry training and more.

Join us to drive positive, lasting change that moves missions and the government forward!

You Are:

The SIEM/SOAR Administrator Associate Director plays a critical role in managing, optimizing, and evaluating the Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) systems used in the Network Operations Center (NOC) and Security Operations Center (SOC). This position is responsible for the day-to-day administration of these tools, as well as conducting regular assessments of their effectiveness and efficiency.

Additionally, this role involves evaluating existing security business processes and recommending improvements to enhance overall security operations. This SIEM/SOAR Administrator / Assessor role is crucial for ensuring the effective use of security tools and processes in the NOC and SOC environments.

The position requires a blend of technical expertise, analytical skills, and the ability to drive continuous improvement in security operations.

The Work:

* Configure, maintain, and optimize SIEM and SOAR platforms

* Develop and implement use cases, correlation rules, and playbooks

* Troubleshoot and manage issues related to data collection, analysis, and reporting

* Assess the existing and to be state of the NOC and SOC operating environment

* Conduct gap analysis to identify areas for improvement in current toolset

* Integrate SIEM/SOAR systems with other security and network tools

* Ensure proper data flow and communication between different security systems

* Troubleshoot integration issues and work with vendors to resolve problems

* Create and maintain dashboards for real-time visibility into security events

* Review and assess existing security business processes

* Identify inefficiencies, redundancies, or gaps in current processes

* Recommend process improvements to enhance security operations

* Ensure SIEM/SOAR configurations meet compliance requirements

* Prepare documentation and evidence for security audits

* Assist in developing and maintaining policies and procedures related to SIEM/SOAR usage

* Provide technical support during security incidents

* Work closely with NOC, SOC, and other IT teams to align SIEM/SOAR capabilities with operational needs

* Participate in cross-functional projects related to security improvements

Here's What You Need:

* Bachelors degree

* 5-10 years of experience in cybersecurity operations, security tools administration, or a related field.

* Hands-on experience with SIEM/SOAR platforms (e.g., Splunk, QRadar, Log Rhythm, Arc Sight, Sentinel, Cortex XSOAR, or others).

* Experience in configuring and optimizing use cases, correlation rules, and playbooks.

* Proficiency in troubleshooting and managing issues related to data collection, analysis, and reporting.

* Strong understanding of security and network protocols, data flow, and integration of security tools.

* Familiarity with scripting and automation languages (e.g., Python, Power Shell) for creating custom scripts and integrations.

* Knowledge of compliance requirements and best practices for SIEM/SOAR configurations.

Bonus Points If:

* Analytical

Skills:

* Ability to conduct gap analysis to identify areas for improvement in the NOC and SOC operating environments.

* Strong analytical and problem-solving skills to assess and enhance security processes.

* Communication and

Collaboration:

* Strong ability to document and prepare evidence for security audits.

* Excellent communication skills to work effectively with NOC, SOC, and cross-functional IT teams.

* Ability to translate technical findings into actionable recommendations for non-technical stakeholders.

* Additional

Skills:

* Knowledge of compliance frameworks such as NIST, ISO 27001, or others.

* Familiarity with dashboard creation and real-time monitoring for security events.

* Proven track record of process improvement and driving efficiency in security operations.

* Relevant certifications such as CISSP, CISM, CEH, GIAC, or SIEM/SOAR-specific certifications (e.g., Splunk, QRadar, Palo Alto Cortex XSOAR certifications).

The Extras:

* US Citizenship Required

* The ability to obtain and maintain a Secret clearance

As required by local law, Accenture Federal Services provides reasonable ranges of compensation for hired roles based on labor costs in the states of California, Colorado, Hawaii,…