job description
Are you a cybersecurity leader ready to drive innovation in one of the worldâs most dynamic markets? Accenture is seeking a SIEM Lead for Security Operations to join our elite team in Bali, Indonesia. As a global leader in technology and consulting, we empower businesses to transform securely in an ever-evolving digital landscape.
In this pivotal role, you will spearhead the design, implementation, and optimization of our Security Information and Event Management (SIEM) systems, ensuring real-time threat detection, incident response, and compliance with industry standards. Youâll collaborate with cross-functional teams to enhance our security posture, mitigate risks, and deliver cutting-edge solutions to high-profile clients.
Why Accenture? We offer a culture of continuous learning, access to the latest cybersecurity tools, and the opportunity to work on groundbreaking projects that redefine digital security. If youâre passionate about safeguarding data, leading high-impact initiatives, and mentoring talent, this is your chance to make a difference on a global scale.
Responsibility
- Lead the end-to-end lifecycle of SIEM platforms (e.g., Splunk, IBM QRadar, Microsoft Sentinel), including architecture, deployment, and tuning.
- Develop and refine correlation rules, dashboards, and alerts to detect and respond to advanced cyber threats.
- Oversee log management strategies, ensuring comprehensive data collection, retention, and analysis for forensic investigations.
- Collaborate with SOC teams to streamline incident response workflows and reduce mean time to detect (MTTD) and resolve (MTTR).
- Conduct regular vulnerability assessments and threat hunting exercises to proactively identify security gaps.
- Ensure compliance with global security frameworks (e.g., ISO 27001, NIST, GDPR) and client-specific requirements.
- Mentor junior analysts and engineers, fostering a culture of security awareness and technical excellence.
- Partner with stakeholders to align SIEM capabilities with business objectives and risk management strategies.
Qualifications
- Bachelorâs degree in Computer Science, Cybersecurity, or a related field; advanced degrees or certifications (e.g., CISSP, CISM, GIAC) are a plus.
- Minimum 5+ years of hands-on experience in SIEM administration, with expertise in tools like Splunk, QRadar, or Elastic SIEM.
- Proven track record in threat detection, incident response, and security analytics within enterprise environments.
- Strong knowledge of network protocols, endpoint security, and cloud security (AWS, Azure, GCP).
- Experience with scripting/automation (Python, PowerShell, Bash) for SIEM customization and integration.
- Excellent analytical, problem-solving, and communication skills to articulate complex security concepts to technical and non-technical audiences.
- Familiarity with regulatory compliance (e.g., PCI DSS, HIPAA) and security best practices.
- Ability to thrive in a fast-paced, collaborative environment and manage multiple priorities under tight deadlines.