Missouri Information Technology Jobs

Jobs.mo.gov mobile logo

Job Information

Accenture Federal - ISCM/Continuous Monitoring Lead in St. Louis, Missouri

Organization: Accenture Federal Services Location: San Antonio, TX We Are:

Accenture Federal Services, bringing together commercial innovation with the latest technology to unleash the potential for our federal clients. Every day we bring bold thinking and diverse disciplines to solve problems in new ways. Ready to learn as much as you can? We’ll give you numerous opportunities of formal & informal training sessions to keep your tech smarts sharp.

You Are:

As Team Lead of the Information Security Continuous Monitoring (ISCM) Team, perform the following tasks: Monitoring of security events, trend analysis, and tuning security event related signatures. Monitor, organize, and coordinate correspondence for emails received to the SOC Inbox, update Standard Operating Procedures (SOPs), and coordinate with Incident Response staff to effectively contain and recover from cyber incidents. Support and coordinate eDiscovery and Freedom of Information Act (FOIA) requests. Monitor security event feeds for availability and throughput, to quickly identify any gaps in available telemetry. Ideally, candidate will have Cloud experience in AWS or Azure.

Job Responsibilities Include:

  • Use SOC monitoring devices (SIEM, IDS, DLP) to review and analyze pre-defined events indicative of incidents.

  • Monitoring dashboards and intrusion detection and prevention systems (IDS/IPS)

  • Assisting in recommendations for content to detect incidents, including IOCs for blocking and detection.

  • Performing initial analysis and investigation into alerts as they are seen (to include anti-virus and phishing alerts

  • Performing initial malware analysis utilizing automated means

  • Supporting cyber defense functions to protect our clients from cyber security incidents that have potential to cause negative impact

  • Incident intake, ticket updates and reporting of cyber events

  • Understanding, identifying and researching IOCs

  • Uploading packets and evaluating source/destination activity and payloads

    ISCM

    • Support Authorizing Official briefings (monthly), sustained and continuous enhancements supporting risk posture/framing, including heat map of highest "risk" systems
  • Metric collections, analysis, dashboard via the ISCM Portal

  • Collaboration with other teams to assess requirements to achieve Ongoing Authorizations (ISSO / ATO)

  • Provide analysis and outreach to customers related to overdue patching and vulnerabilities (>30 days in age for Critical/High, >60 days for Moderate)

  • Produce dashboards via Tenable SecurityCenter for management briefs, risk posture, end-of-life software in Enterprise (examples)

  • RedSeal is on the horizon for support and to validate all the above

  • Assist in risk assessment formulation and research/analysis

    Here’s What You Need:

  • Bachelor’s Degree and 7+ years of Cyber / SOC / Monitoring Work Experience OR 9 + years with an Associates

  • Monitoring of security events, trend analysis, and tuning security event related signatures to include cloud applications

  • Cyber and/or IT Work Certification (i.e Security+ Certification)

    Bonus Points If:

  • Bachelor's Degree

  • Experience working with Security Information and Event Management (SIEM) solutions is a plus

  • Experience monitoring AntiVirus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Vulnerability Assessment tools and other security tools found in large enterprise network environments

  • Familiarity with various network and host based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other security software packages. Host based forensics and malware analysis experience.

  • Previous experience working in a large government or corporate enterprise environment.

  • Experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).

  • RSA Security Analytics / NetWitness

  • Splunk, including Splunk for Enterprise Security

  • RSA Archer

  • SourceFire/FirePower/Snort

  • McAfee ePO, HIPS

  • FireEye NX, EX, HX

  • EnCase Enterprise

    Important Eligibility Requirements

    US Citizenship - No Dual Citizenship

    An active security clearance or the ability to obtain one may be required for this role.

    Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.

    Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Accenture (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status).

    Accenture is a Federal Contractor and an EEO and Affirmative Action Employer of Females/Minorities/Veterans/Individuals with Disabilities.

DirectEmployers