Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Endpoint Extended Detection and Response
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary:
Experience in cybersecurity with at least 2 years in Ransomware Analysis security.
The Halcyon Ransomware Protection role is responsible for managing and optimizing the Halcyon anti-ransomware platform across the enterprise. This role focuses on ransomware detection, prevention, isolation, rollback operations, and integration of Halcyon with the existing cybersecurity ecosystem to strengthen organizational resilience against advanced ransomware threats.
Roles & Responsibilities:
- Deploy, configure, and maintain the Halcyon anti-ransomware agent across endpoints and servers.
- Monitor platform health, sensor coverage, and real-time protection status.
- Manage platform configurations, policy updates, signature updates, and agent upgrades.
- Ensure high availability and operational continuity of the Halcyon platform.
- Review Halcyon alerts, detections, and high-risk events for ransomware activity.
- Perform deep analysis on suspicious behaviors using Halcyon threat intel and behavioral telemetry.
- Lead containment actions: isolate systems, kill ransomware processes, and remove malicious artifacts.
- Execute Halcyon rollback and recovery procedures to restore encrypted files and system integrity.
- Work with SOC and IR teams for coordinated incident response.
- Hunt for early indicators of ransomware staging (persistence, privilege escalation, lateral movement).
- Utilize Halcyon's Threat Response Intelligence, behavioral indicators, and AI/ML insights.
- Identify gaps in ransomware defenses and propose improvements.
- Conduct post-incident forensics and malware behavior analysis.
- Design, implement, and tune ransomware protection policies to reduce false positives and enhance detection accuracy.
- Manage application allow/deny lists, behavioral analysis thresholds, and rollback rules.
- Maintain consistent policy governance across regions and business units.
- Integrate Halcyon with SIEM, SOAR, EDR, ITSM, and incident response platforms.
- Create automated playbooks for ransomware alerts, isolation workflows, ticketing, and remediation.
- Leverage APIs for automated deployment, alert enrichment, and reporting.
- Act as the L3 escalation for ransomware-related security events.
- Participate in tabletop exercises, red team/purple team scenarios focused on ransomware readiness.
- Provide guidance to SOC, IT Ops, and Endpoint teams on secure configuration and ransomware resilience.
- Generate reports on: attack attempts, encryption prevention success rates, rollback events, sensor health and coverage, ransomware trends and risk posture.
- Support internal audits, compliance assessments, and customer due-diligence requests.
- Maintain documentation for policies, SOPs, configurations, and incident playbooks.
Professional & Technical Skills:
- Strong hands-on experience with Halcyon Ransomware Protection Platform (mandatory for lead-level roles).
- Expertise in ransomware behavior, attack chain, encryption techniques, and mitigation strategies.
- Experience with EDR/AV tools such as CrowdStrike, Defender ATP, SentinelOne, or Carbon Black.
- Strong understanding of:
  - Windows and Linux internals
  - MITRE ATT&CK (especially T1486, T1489, T1490)
  - Privilege escalation, lateral movement, persistence techniques
- Scripting knowledge (PowerShell or Python) for automation and investigations.
- Familiarity with SIEM/SOAR tools and incident response frameworks (NIST, SANS).
- Vendor-specific EDR/IR certifications
Additional Information:
- The candidate should have minimum 3 years of experience in Endpoint Extended Detection and Response.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
About Accenture
Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.
Visit us at www.accenture.com
Equal Employment Opportunity Statement
We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.