Security Operations Center Specialist

Toronto, ON, CA, Canada

Job Description

We Are

Accenture Security helps organizations prepare, protect, detect, respond, and recover along all points of the security lifecycle. Cybersecurity challenges are different for every business in every industry. Leveraging our global resources and advanced technologies, we create integrated, turnkey solutions tailored to our clients' needs across their entire value chain. Whether we're defending against known cyberattacks, detecting and responding to the unknown, or running an entire security operations center, we will help companies build cyber resilience to grow with confidence. Our team of the security sector's brightest people use the coolest tech to out-hack the hackers and help clients build resilience from within. We blend risk strategy, digital identity, cyber defense, application security and managed service solutions to rethink the entire security lifecycle.



You Are:

Passionate about security, love what you do and have a genuine desire to outsmart the bad guys. You have the experience to analyze a client's security posture, anticipate security requirements and help find right-sized solutions based on industry-leading practices. You have a proven track record working successfully in a fast-paced, team-oriented environment. You're a creative, analytical problem solver with above-average documentation skills who can speak to both technical and non-technical audiences. You can apply deep security skills to design, build and protect enterprise systems, applications, data, assets and people for Accenture and our clients. You are eager to put your skills to use by helping us help our clients inject security at every level of their organization.



Key Responsibilities

Threat Detection & Response

  • Monitor, analyze, and investigate alerts from Microsoft Sentinel and the Defender Suite (for Endpoint, Cloud, Office 365, Identity).
  • Execute triage, containment, eradication, and recovery activities for security incidents.
  • Apply the MITRE ATT&CK framework to classify and track adversary TTPs.
  • Perform forensic analysis and root-cause investigations on compromised assets.

Threat Hunting & Analytics

  • Conduct proactive threat hunting using Kusto Query Language (KQL) to identify anomalies and emerging IOCs.
  • Develop and fine-tune analytic rules, workbooks, and hunting queries within Microsoft Sentinel.
  • Leverage Copilot for Security to streamline investigations, reporting, and post-incident reviews.

Automation & Engineering

  • Build, deploy, and maintain SOAR playbooks using Logic Apps for automated response workflows.
  • Onboard and normalize new log sources across on-prem and cloud environments.
  • Continuously tune detection logic to reduce false positives and enhance signal fidelity.
  • Integrate with ServiceNow SecOps SIR for case management, escalation, and incident lifecycle tracking.

Operational Excellence

  • Maintain SOC tool health, data retention, and asset classification.
  • Produce detailed incident reports, executive summaries, and SOC dashboards aligned with KPIs and SLAs.
  • Participate in knowledge sharing, process optimization, and development of new SOPs.
  • Provide guidance to Level 1 analysts and contribute to peer mentoring and continuous improvement initiatives.


Required Skills

  • Experience: Minimum 2 years in a SOC or Detection & Response role (5+ years total IT/security experience).
  • Hands-on experience with Microsoft Sentinel (SIEM) and the Microsoft Defender Suite.
  • Advanced KQL skills for analytics, correlation, and threat hunting.
  • Familiarity with Azure Security Center / Defender for Cloud, Azure AD logs, and ServiceNow SecOps SIR.
  • Strong understanding of the incident response lifecycle, network protocols (TCP/IP, HTTP/S, DNS), and endpoint telemetry.
  • Experience with PowerShell or Python for automation and tool integration.
  • Education: Bachelor's degree in Computer Science, Information Security, or related discipline (or equivalent experience).
  • Working knowledge of NIST 800-61, ISO 27001, and CIS Controls.
  • Excellent communication skills, analytical thinking, and a passion for continuous learning.

Preferred Skills & Certifications

  • Microsoft Certifications: SC-200 (Security Operations Analyst), AZ-500 (Azure Security Engineer), or MS-500 (Security Administrator).
  • Industry Certifications: CompTIA Security+, CEH, GCIH, GCIA, CISSP, CCSP, or CISM (an asset).
  • Experience with tools such as CrowdStrike, FireEye, Tenable, Carbon Black, McAfee, or Cloudflare.
  • Familiarity with DevSecOps concepts, CI/CD tooling, and cloud automation (Azure-CLI, AWS-CLI).
  • Multi-lingual (English required; French and/or Spanish an asset).
  • Eligible for federal government security clearance.

Why Join Us

  • Work with a world-class global Detection & Response team defending some of Canada's and the world's top enterprises.
  • Access to industry-leading training, certification sponsorship, and structured career growth.
  • Collaborate across a global network of cyber professionals, blending human intelligence and AI-powered defense.
  • Exposure to advanced technologies, top-tier clients, and meaningful cybersecurity challenges every day.

Compensation at Accenture varies depending on a wide array of factors, which may include but are not limited to the specific office location, role, skill set, and level of experience. As required by local law, Accenture provides a reasonable range of compensation, based on full-time employment, for roles that may be hired in British Columbia as set forth below.


Information on benefits is here.


Role Location: British Columbia
Annual Salary Range: $61,800 to $159,000


Job Detail

  • Job Id
    JD3041088
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Toronto, ON, CA, Canada
  • Education
    Not mentioned