Security Architect

Accenture in India

Bengaluru

On-site

INR 15,00,000 - 25,00,000

Full time

10 days ago

Job summary

A leading IT services firm in Bengaluru is looking for a Security Architect to define cloud security architecture, ensuring alignment with business needs. The ideal candidate has over 5 years of experience in SIEM, particularly with Splunk, and will work closely with security analysts to enhance detection capabilities. Familiarity with threat landscapes and solid communication skills are essential for this role.

Qualifications

  • Minimum 5 years of experience in Security Information and Event Management (SIEM).
  • Hands-on experience with Splunk engineering.
  • Strong foundational understanding of security operations and threat landscapes.

Responsibilities

  • Define the cloud security framework and architecture.
  • Ensure implementation of cloud security controls.
  • Collaborate with security analysts and threat hunters.

Skills

Security Information and Event Management (SIEM)
Splunk Search Processing Language (SPL)
Python scripting
Log analysis

Education

15 years full-time education

Tools

Splunk
SOAR platforms

Job description

Project Role : Security Architect

Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills : Security Information and Event Management (SIEM)

Good to have skills : NA

Minimum 5 Year(s) Of Experience Is Required

Educational Qualification : 15 years full time education

Summary: As a Senior Splunk Engineer for Content and Platform Development, you will be responsible for driving end-to-end SIEM engineering efforts, ranging from data onboarding and normalization to advanced detection rule creation and dashboard development. You will play a strategic role in maturing the organization’s detection capability, operational visibility, and SOC automation efforts. This role involves significant collaboration with security analysts, threat hunters, compliance teams, and platform administrators to ensure the Splunk ecosystem is optimized, secure, and continuously evolving.

Roles & Responsibilities:

  • Overall experience in cybersecurity or IT infrastructure, with 3+ years hands-on Splunk engineering
  • Deep expertise in Splunk Search Processing Language (SPL) for creating complex queries, dashboards, alerts, and reports
  • Strong experience in creating, testing, and tuning detection content for security use cases
  • Experience in onboarding and parsing logs from various sources (e.g., firewalls, EDRs, cloud platforms, applications)
  • Expertise in data models (CIM), field extractions (regex), and knowledge objects (lookups, macros, tags)
  • Experience in designing and optimizing index structures, data retention policies, and storage performance
  • Ability to work with stakeholders from security operations, threat intel, and infrastructure teams
  • Strong documentation, version control, and lifecycle management for detection rules and dashboards
  • Experience integrating SOAR platforms with Splunk (e.g., Splunk SOAR, XSOAR)
  • Familiarity with Splunk Enterprise Security (ES) and its correlation framework
  • Exposure to MITRE ATT&CK mapping for content standardization

Professional & Technical Skills:

  • Design, implement, and maintain search queries, correlation rules, and dashboards aligned with business and threat requirements
  • Tune existing alerts and rules to reduce false positives and improve detection fidelity
  • Map detection content to frameworks such as MITRE ATT&CK and compliance standards
  • Onboard new log sources across endpoints, cloud, infrastructure, and applications
  • Monitor log sources reporting into Splunk SIEM and identify log sources that fail to report in accordance with the security operation runbooks
  • Log source parsing issues troubleshooting and resolution
  • Write and maintain custom field extractions, transforms, and other configurations
  • Optimize searches, reduce duplication, and ensure compliance with search head clustering best practices
  • Build real-time and scheduled dashboards to support SOC, compliance, and leadership visibility
  • Use lookups, macros, and scheduled reports to enrich alerts and enable decision-making
  • Participate in use case governance processes and maintain runbooks/playbooks
  • Review and approve content changes submitted by junior team members
  • Strong foundational understanding of security operations, threat landscapes, and log analysis
  • Excellent written and verbal communication skills for working with both technical and business stakeholders
  • Provide Splunk SIEM and SOAR (Tines/Palo Alto XSOAR) support along with coordinating with Vendor when required
  • Splunk SIEM: Rule creation, anomaly detection, ATT&CK mapping
  • SOAR: Playbook customization, API integrations, dynamic playbook logic
  • Threat Intelligence: TTP mapping, behavioral correlation
  • Splunk SIEM: Parser creation, field extraction, correlation rule design
  • Scripting: Python, regex, shell scripting for ETL workflows
  • Data Handling: JSON, syslog, Windows Event Logs
  • Splunk SIEM Detection Engineering, Content development and platform support

Additional Information:

  • The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).
  • This position is based at our Bengaluru office.
  • A 15 years full time education is required.

  • Seniority level: Mid-Senior level
  • Employment type: Full-time
  • Job function: Project Management, General Business, and Management
  • Industries: IT Services and IT Consulting
