Cybersecurity Incident Response Junior Analyst and Triage Analyst

About

At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the limitless potential of technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations.

Join Accenture Federal Services, a technology company within global Accenture. Recognized as a Glassdoor Top 100 Best Place to Work, we offer a collaborative and caring community where you feel like you belong and are empowered to grow, learn and thrive through hands‑on experience, certifications, industry training and more.

Join us to drive positive, lasting change that moves missions and the government forward!

The Work

The Cybersecurity Incident Response Junior Analyst and Triage Analyst role will work in the CIRT team in the CISO organization. This role works on a shift under the analysis and triage team lead to relate, scope, and triage alerts and notifications from the SIEM, security sensors, ticketing system, walk‑ins, and phone calls. It requires technical understanding to collaborate with the incident response and operations teams to qualify events as relevant and determine true and false positives. Knowledge in incident response lifecycles, common cyber‑attacks, and federal incident reporting requirements.

Primary Responsibilities

• Actively monitor and respond to cybersecurity incidents related to alerted policy violations.
• Analyze and investigate incidents to determine their nature and scope.
• Coordinate with the lead and other Cybersecurity Incident Response Teams for effective incident resolution.
• Document incidents and response activities in detail.
• Stay updated with the latest cybersecurity threats and trends.
• Assist in developing and refining incident response strategies and procedures.
• Collaborate with operations teams, legal, human resources and management to investigate security issues and interview investigation subjects to determine true and false positives.

Requirements

• US Citizenship required.
• 1–2 years of experience in information security, or an equivalent combination of education and work experience.
• 1 year of experience performing event and log analysis, including one or more of the following: anti‑virus, intrusion detection systems, firewalls, Active Directory, web proxies, data loss prevention tools, and other security tools found in large enterprise network environments; plus experience with Security Information and Event Management (SIEM) solutions.
• Excellent written and oral communication skills, attention to detail, and interpersonal skills.
• Familiarity with various network and host‑based security applications and tools (e.g., network/host assessment/scanning tools, intrusion detection systems, other security software packages).
• Familiarity with TCP/IP, common application‑layer protocols, and packet analysis.
• Familiarity with static and dynamic malware analysis concepts.
• Experience with indicators of attack and compromise.
• Familiarity with Windows/Linux architecture and endpoint analysis.
• Familiarity with basic data parsing and analysis tools (e.g., Excel, grep, sed, awk, regex).

Preferred Qualifications

• SANs GIAC Certifications (e.g., GCED, GCLD, GCIH, GCFA, GREM