SOC L2 (Cortex XSOAR experience required)

Ready to join Accenture's team of empowered people We're looking for candidates with the following skills and experience for this role. Do you fit the profile If you do, we'd love to hear from you!

In adherence to Accenture's process of Identity Verification, your resume or CV must include your photo to ensure the accuracy of your application.

Who we are:

Accenture in the Philippines is a pioneer in Accenture's global delivery network. Over the past 30 years, we have expanded our capabilities to become a powerhouse company providing end-to-end technology and business services. As part of Accenture's global footprint in over 120 countries, covering 40-plus industries, we have been working with the biggest companies in the country and around the globe.

Innovation, a constant at Accenture, enables us to find new ways to stay ahead of our clients challenges. Our inclusive, diverse, and strong culture of equality helps us constantly drive innovation in the workplace. By combining our industry expertise and the deep skills of our people with the latest technologies and our uncompromising high-performance standards, we help organizations grow their business and succeed in the digital age.

What's in it for you

At Accenture you will work on meaningful and innovative projects, powered by the latest technologies. You'll be immersed in industry best practices such as event-driven architectures and domain-driven designs. Accenture will continually invest in your learning and growth. You'll work with Accenture's certified practitioners, and Accenture will support you in growing your own tech stack and certifications.

Job Summary:

The SOC Level 2 Analyst is responsible for conducting in-depth investigations, root-cause analysis, and responding to complex security incidents escalated by Intrusion Analysts. This role includes validating and analyzing security logs, providing expert guidance and mentorship, and collaborating closely with IT, security teams, and Content Engineers to improve and fine-tune detection use-cases.

Key Responsibilities

• Continuously monitor and analyze security alerts and events from SIEM, IDS/IPS, firewalls, and endpoint protection platforms, providing 9x5 support with on-call availability as needed.
• Perform deep-dive investigations of escalated incidents, determining root cause, impact, and appropriate response. Own the end-to-end resolution process and escalate to Level 3 analysts when required.
• For validated high or critical incidents, initiates the Major Incident Management process, engage CSIRT and/or external incident response teams, and act as the Singe Point of Contact (SPOC) during the initial response phase.
• Conduct basic retroactive threat hunting using an Indicator of Compromise (IoC) driven approach to proactively identify potential threats.
• Work closely with engineering teams to request case updates, whitelisting, and resolve parsing issues. Escalate complex or unresolved issues promptly.
• Supervise and mentor Intrusion Analysts, conduct quality assurance (QA) reviews of incidents they handle, and guide them on best practices.
• Maintain clear, concise documentation of incidents, findings, and response actions. Ensure accurate shift handovers and update playbooks, SOPs, and reaction plans regularly.
• Provide recommendations for enhancing detection logic, SOC processes, and tools. Support the tuning and creation of detection rules and use cases in collaboration with Content Engineers.
• Generate ad-hoc reports based on client or management requests and ensure effective communication with relevant stakeholders throughout the incident lifecycle.

SOC L2 Job Requirements:

• Candidates must have at least 3-5 years of relevant experience
• Candidates must have demonstrable, practical experience with XSOAR playbook development, custom integrations, and Python scripting within the XSOAR framework. This is non-negotiable - we cannot afford another ramp-up cycle on the platform itself
• Beyond tool knowledge, the candidate must demonstrate the ability to assess a task, research the automation approach, understand the security context, and design the solution independently. This is the most critical skill - the ability to think through what to automate and how before touching the tool.
• They must understand core network protocols and security technologies and be skilled in using SIEM tools for threat detection.
• Proficiency in analyzing network traffic and logs to detect and investigate signs of compromise is required.
• Understanding of authentication, authorization, and access control methods is essential.
• Candidates should be able to identify, contain, and report malware related incidents.
• Strong skills in conducting deep incident investigations and determining root cause are necessary.
• Should be able to categorize incidents and respond effectively within defined timelines.
• Ability to perform trend and behavioral analysis to detect emerging threats is a key requirement.
• Understanding of attack techniques, threat vectors, and cryptography fundamentals is important.
• They must work well with internal teams to coordinate responses and improve detection and response processes.
• A sharp analytical mindset and the ability to remain calm under pressure are crucial for effective incident response.

Work Set Up: Possible Shifting, Hybrid, Cubao site

What we believe:

All our leaders are committed to building a better, stronger and more durable company for future generations to create positive, long-lasting change. Inclusion and diversity are fundamental to our culture and core values. Our rich diversity makes us more innovative and creative, which helps us better serve our clients and our communities.

Our position as partner to many of the world's leading businesses, organizations and governments affords us both an extraordinary opportunity and a tremendous responsibility to make a difference. Sustainability is one of our greatest responsibilities, which we embed it into everything we do and for everyone we work with.

Accenture is committed to providing equal employment opportunities for persons with disabilities. Please let your recruiter know if you require reasonable accommodation to enable your participation in the recruitment process, they will be happy to assist you.

What's in it for you

• Competitive Total Rewards (Compensation, Performance Bonus, 13th Month Pay, Day 1 HMO & Life Insurance Coverage)
• Expanded maternity leave up to 120 days.
• Expanded paternity leave up to 30 days.
• Flexible Working Arrangements.
• Healthy and Encouraging Work Environment
• Company-sponsored trainings like upskilling and certification
• Employee Stock Purchase Pan
• Loyalty and Christmas Gift
• Inclusion and Diversity Benefits
• Car and housing plan.

.Terms & Conditions apply

Equal employment Opportunity Statement:

All employment decisions shall be made without regard to age, race, creed, color, religion, gender, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.

Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.

Accenture is committed to providing veteran employment opportunities to our service men and women.

Please read Accenture's Recruiting and Hiring Statement for more information on how we process your data during the Recruiting and Hiring process.

IMPORTANT REMINDER: We appreciate your interest in applying with Accenture. Please ensure to complete your profile and accomplish all required information in Workday within the next 24 hours, in order for us to start processing your application. You may access Workday by clicking the Apply Now button or refer to the link sent via SMS or email.

#LI-PH

About Accenture

Accenture is a leading global professional services company that helps the world's leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services-creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world's leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.

Visit us at

Equal Employment Opportunity Statement

We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicablelaw. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.