Project Role: Security Architect

Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills: Splunk Security Information and Event Management (SIEM)

Good to have skills: NA

Minimum 7.5 year(s) of experience is required

Educational Qualification: 15 years full time education

Summary:

We are seeking an Associate Manager SOC Incident Response (Splunk) to lead and manage security incident detection, investigation, and response using Splunk SIEM. The role combines hands-on incident response expertise, SOC service delivery ownership, and team leadership, ensuring timely detection, containment, and remediation of security incidents across enterprise environments.

Roles & Responsibilities:

• SOC & Incident Response Leadership
• Lead day to day SOC Incident Response operations using Splunk SIEM.
• Act as the primary escalation point for high-severity (P1/P2) security incidents.
• Ensure incidents are handled in line with defined IR playbooks and SLAs.
• Splunk SIEM Operations
• Oversee Splunk Enterprise / Splunk Cloud for security monitoring.
• Manage use cases, correlation searches, dashboards, and alerts.
• Drive continuous tuning to reduce false positives and improve detection quality.
• Incident Handling and Forensics
• Lead investigation of alerts related to malware, phishing, insider threats, lateral movement, and data exfiltration.
• Coordinate containment, eradication, and recovery activities with IT, network, and endpoint teams.
• Support log analysis, threat hunting, and root cause analysis.
• SOC Service Delivery & Governance
• Own SOC service delivery metrics including MTTD, MTTR, and incident SLA compliance.
• Lead incident reviews, post-incident reports, and lessons learned sessions.
• Support 24/7 SOC operations, shift handovers, and roster management.
• Threat Intelligence & Use Case Enhancement
• Integrate threat intelligence feeds and MITRE ATT&CK mapping into Splunk use cases.
• Drive proactive threat hunting and detection improvements.
• Support onboarding of new log sources and data normalization.
• Team & Stakeholder Management
• Mentor and guide SOC analysts (L1/L2).
• Support onboarding, training, and performance management.
• Communicate incident status and risk posture to stakeholders and leadership.
• Audit, Risk & Compliance
• Support internal and external security audits.
• Ensure incident response processes align with organizational policies and regulatory requirements.
• Maintain IR documentation, SOPs, and runbooks.

Professional & Technical Skills:

• 6 to 9 years of experience in SOC, Incident Response, or Security Operations.
  -Strong hands-on experience with Splunk SIEM.
  -Solid understanding of incident response lifecycle and SOC processes.
  -Experience handling enterprise-scale security incidents.
  -Experience with EDR tools (Crowd Strike, Defender, Carbon Black).
  -Exposure to SOAR platforms and automation.
  -Knowledge of cloud security monitoring (Azure, AWS).
  -Certifications such as GCIA, GCIH, GCED, or Splunk certifications.
  -Strong leadership and crisis management skills.
  -Clear communication with technical and non-technical stakeholders.
  -Calm, analytical, and decisive under pressure.

Additional Information:

• The candidate should have minimum 10+ years of experience in Splunk Security Information and Event Management (SIEM).
• This position is based at our Bengaluru office.
• A 15 years full time education is required.

15 years full time education

About Accenture

Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.
Visit us at www.accenture.com

Equal Employment Opportunity Statement

We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.