Security Operations Centre Engineer

About the role

The SOC Engineer is responsible for designing and operating the technical foundation of the Security Operations Center. This role bridges security strategy and hands-on engineering, translating threat intelligence and business risks into effective detection, monitoring, and automated response capabilities that protect critical systems and data.

Key Responsibilities

. Design, implement, and maintain SOC platforms, including SIEM (e.g., Microsoft Sentinel, Splunk), SOAR, and security monitoring tools

. Build and optimize log ingestion pipelines, ensuring data quality, normalization, and efficient processing

. Develop and manage detection use cases aligned with threat intelligence and MITRE ATT&CK methodologies

. Conduct threat modeling for applications, cloud environments, and infrastructure to identify risks and monitoring gaps

. Translate threat scenarios into detection logic, telemetry requirements, and automated response workflows

. Design and implement SOAR playbooks for alert triage, incident response, and escalation workflows

. Provide advanced (Tier 3) support during major incidents and contribute to root cause analysis and remediation

. Collaborate with cross-functional teams to enhance security visibility, detection coverage, and response effectiveness

Required Qualifications

. Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field

. Hands-on experience with SIEM platforms such as Microsoft Sentinel, Splunk, or Elastic

. Strong knowledge of detection engineering and log analysis across cloud, endpoint, and network environments

. Experience with threat modeling frameworks (e.g., STRIDE, MITRE ATT&CK) and security operations workflows

. Familiarity with SOAR tools and automation scripting (e.g., Python, PowerShell)

. Understanding of cloud security and modern enterprise architectures

. Strong problem-solving, analytical, and communication skills

Preferred Qualifications (Optional)

. Experience with EDR/XDR, NDR, CSPM, or identity security tools

. Knowledge of DevSecOps practices and CI/CD security integration

. Industry certifications such as CISSP, GCIA, GCIH, or equivalent

. Experience supporting incident response and digital forensics investigations

About the Company / Team

We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.

We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.

At Accenture, we support our people's physical, mental, and financial well-being while providing opportunities to build skills and grow through certifications and diverse experiences.

Join Accenture to work at the heart of change. Visit us at https://www.accenture.com.

Equal Employment Opportunity Statement

All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by law.

Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.

Accenture is committed to providing employment opportunities to all individuals without discrimination, in line with fair employment practices in Singapore.