Job Closed

This listing is no longer active.

DeepSeas

First & only Managed Detection & Response solution covering all attack surfaces for enterprises & the mid-market.

SOC Analyst Co-Op

Security Operations | Internship | Remote | Entry Level | Team 201-500 | Since 30 years | H1B No Sponsor

Location

United States

Posted

60 days ago

Salary

0

Seniority

Entry Level

Associate Degree | English | Cyber Security | Firewalls

Job Description

A SOC intern assists the Security Operations Center team by monitoring security alerts and events in real-time, analyzing potential threats, investigating incidents, and learning to respond to cybersecurity issues using various security tools, all while gaining practical experience in the field of cybersecurity under the guidance of experienced analysts. Key responsibilities include threat monitoring, incident triage, log analysis, and reporting on potential security breaches.

Job Requirements

  • Basic understanding of cybersecurity concepts like network protocols, firewalls, intrusion detection, and malware
  • Familiarity with log analysis and security event management tools
  • Strong analytical and problem-solving skills
  • Ability to work under pressure and quickly respond to incidents
  • Attention to detail and good communication skills
  • Programming or scripting knowledge is a plus

Benefits

At DeepSeas, we like to say that heart rates go down, careers take off, and security programs mature. Our values provide the ultimate guide for our daily behavior and decisions. Without these values, we aren’t DeepSeas. They preserve the essence of our organization, reflect the personalities of our Deeps (how we affectionately refer to our teammates), and enable us to exceed expectations. Our values are:

  • We are client obsessed.
  • We stand in solidarity with our teammates.
  • We prioritize personal health and well-being.
  • We believe in the power of diversity.
  • We solve hard problems at the speed of cyber.

This is your chance to join a supportive crew of teammates and an industry-leading organization that values opportunities for growth. If DeepSeas sounds like a good fit for you, send us your resume and let’s talk!

Information security is everyone’s responsibility:

  • Understanding and following DeepSeas’s information security policies and procedures.
  • Remaining vigilant and reporting any suspicious activity or possible weaknesses in DeepSeas’s information security.
  • Actively participating in DeepSeas’s efforts to maintain and improve information security.

DeepSeas considers this position Moderate Risk, with a potential to view/access/download restricted/private client/internal data. This information must be treated with sensitivity and in the most secure manner. HR reserves the right to perform random background/drug screens to ensure the safety of client/DeepSeas data.

More Security Operations Jobs

Cybersecurity Incident Response Triage Analyst

Accenture Federal Services

We believe in the power of change, harnessed in ways that matter for our country and communities.

Full Time | Remote | Team 10,001+ | Since 2017 | H1B No Sponsor

At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the limitless potential of technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations. Join Accenture Federal Services, a technology company within global Accenture. Recognized as a Glassdoor Top 100 Best Place to Work, we offer a collaborative and caring community where you feel like you belong and are empowered to grow, learn and thrive through hands-on experience, certifications, industry training and more. Join us to drive positive, lasting change that moves missions and the government forward!

The Work

The Cybersecurity Incident Response Junior Analyst and Triage Analyst role will work in the CIRT team in the CISO organization. This role works on a shift under the analysis and triage team lead to relate, scope, and triage alerts and notifications from the SIEM, security sensors, ticketing system, walk-ins, and phone calls. Requires technical understanding to collaborate with the incident response and operations teams to qualify events as relevant and determine true and false positives. Knowledge in incident response lifecycles, common cyber-attacks, and federal incident reporting requirements.

Primary responsibilities:

  • Actively monitor and respond to cybersecurity incidents related to alerted policy violations
  • Analyze and investigate incidents to determine their nature and scope.
  • Coordinate with the lead and other Cybersecurity Incident Response Teams for effective incident resolution.
  • Document incidents and response activities in detail.
  • Stay updated with the latest cybersecurity threats and trends.
  • Assist in developing and refining incident response strategies and procedures.
  • Collaborate with operations teams, legal, human resources and management to investigate security issues and interview investigation subjects to determine true and false positives.

What you need

  • US Citizenship required
  • 1 - 2 years of experience in information security, or other equivalent combination of education or equivalent work experience.
  • 1-year of experience performing event and log analysis including one or more of the following: Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Data loss prevention tools and other security tools found in large enterprise network environments; along with experience working with Security Information and Event Management (SIEM) solutions.
  • Excellent written and oral communication skills, attention to detail, and interpersonal skills.
  • Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.
  • Familiarity with TCP/IP, common application layer protocols, and packet analysis of the same.
  • Familiarity with static and dynamic malware analysis concepts.
  • Experience with indicators of attack and compromise.
  • Familiarity with Windows / Linux architecture and endpoint analysis of the same.
  • Familiarity with basic data parsing and analysis tools, i.e., Excel, grep, sed, awk, regex, etc.

Bonus if you have

  • SANS GIAC Certifications including but not limited to GCED, GCLD, GCIH, GCFA, GREM

As required by local law, Accenture Federal Services provides reasonable ranges of compensation for hired roles based on labor costs in the states of California, Colorado, Hawaii, Illinois, Maryland, Massachusetts, Minnesota, New Jersey, New York, Washington, Vermont, the District of Columbia, and the city of Cleveland. The base pay range for this position in these locations is shown below. Compensation for roles at Accenture Federal Services varies depending on a wide array of factors, including but not limited to office location, role, skill set, and level of experience. Accenture Federal Services offers a wide variety of benefits. You can find more information on benefits here. We accept applications on an on-going basis and there is no fixed deadline to apply.

The pay range for the states of California, Colorado, Hawaii, Illinois, Maryland, Massachusetts, Minnesota, New Jersey, New York, Washington, Vermont, the District of Columbia, and the city of Cleveland is: $57,200 - $109,400 USD

What We Believe

As a company wholly dedicated to serving the US federal government, we bring together the best talent to help reinvent how federal agencies operate and deliver greater value for their mission and the American people. We have an unwavering commitment to creating a culture in which all our people are respected, feel a sense of belonging, and have equal opportunity. As a business imperative, every person at Accenture Federal Services has the responsibility to create and sustain a culture where everyone feels welcomed and included. This is grounded in our core values and our experience that hiring and developing great people who reflect different perspectives, experiences, and backgrounds is key to driving innovation and delivering the results that our clients and the country count on.

Equal Employment Opportunity Statement

We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities. For details, view a copy of the Accenture Federal Services Equal Opportunity Policy Statement. Accenture Federal Services is an Equal Employment Opportunity employer. Additionally, as an Affirmative Action Employer for Veterans and Individuals with Disabilities, Accenture Federal Services is committed to providing veteran employment opportunities to our service men and women.

Requesting An Accommodation

Accenture Federal Services is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture Federal Services and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired. If you are being considered for employment opportunities with Accenture Federal Services and need an accommodation for a disability or religious observance during the interview process or for the job you are interviewing for, please speak with your recruiter.

Other Employment Statements

Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States. Candidates who are currently employed by a client of Accenture Federal Services or an affiliated Accenture business may not be eligible for consideration. Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process. The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information. California requires additional notifications for applicants and employees. If you are a California resident, live in or plan to work from Los Angeles County upon being hired for this position, please click here for additional important information.

United States
$57.2K - $109K / year
Embedded VSOC Analyst

Sibylline Ltd

Sibylline is a leading strategic risk consultancy, delivering timely, accurate, relevant and actionable intelligence.

Full Time | Remote | Team 201-500 | Since 2010 | H1B No Sponsor

Company Description

About Sibylline

Sibylline is a leading intelligence and strategic risk consultancy in the security sector. Since 2010 we have supported businesses, governments and NGOs through the provision of high-quality risk analysis, due diligence and consultancy services. The firm provides an innovative, entrepreneurial and fast-growing working environment, offering employees ever greater exposure to high-profile clients and challenges. Sibylline offers fantastic opportunities for career progression within a successful company, and we aim to help our employees to build their own personal profiles as well-regarded analysts within the broader industry.

Key attributes of Sibylline employees are:

  • Self-motivated, and auto-improving individuals who can couple initiative and boldness with good judgement
  • Excellent written and spoken English
  • Clarity of thought and analytical flair
  • Strong, demonstrable interest in security and intelligence
  • The ability to work under pressure, demonstrate leadership when required but also be able to collaborate effectively in teams
  • Excellent attention to detail

Job Description

About the Role

We are looking for a VSOC Analyst to join us in an embedded role for a virtual 24/7 security operations center (VSOC). Using the latest industry technologies and practices, you will identify, analyze, and advise on adverse conditions and threats that could affect the safety, security and operational continuity of the client and its users. These conditions include (but are not limited to): political instability and unrest, armed conflict, crime, terrorism, natural hazards, cyber threats and online malign actors. Being embedded with the client, you will engage directly with the client to provide immediate support and consulting, and assistance with trust and safety issues. This is a fully remote role based in Brazil and involves shift work on a “follow the sun” model and weekend work.

Responsibilities

  • Use all-source intelligence (including alert feeds, traditional and social media, and in-house sources) to monitor security incidents and trends within the client’s areas of operation and locations to assess the likely impact on staff, assets, operations, events and reputation
  • Support the Client’s trust and safety function to monitor and respond to issues on or with the client’s platform.
  • Escalate security incidents to client stakeholders, following efficient and rehearsed procedures.
  • Maintain visibility on employee movements and their proximity to notable incidents and events, advising accordingly through required reporting methods
  • Participate in training and drills to rehearse incident preparation and response SOPs.
  • Support internal stakeholders with ad hoc reporting on geopolitical developments, scenario planning, forecasts and other related topics
  • Be an effective member of a dispersed small team, focused on the delivery of lean, high-impact services
  • Research and analyse a wide range of information to create insightful analysis in accordance with strict deadlines, including presenting and incorporating relevant data and visualisations.

Requirements

  • Fluent in English (written and verbal)
  • Bachelor's degree in international relations, Security Studies, Criminal Justice, Journalism, or related field
  • At least 1-3 years' experience in an intelligence or customer-focused role in geopolitical risk, corporate security, government, law enforcement or similar
  • Ability to interpret, organise and visualise data
  • Ability to determine how geopolitical and security threats could impact private sector operations, travellers and sites
  • Excellent research skills, with the ability to rapidly digest, evaluate and “sift” large quantities of information from a range of sources
  • Ability to provide rigorous, creative insight into complex situations
  • Ability to multi-task in a fast-paced working environment and work in both individual and team environments
  • Excellent attention to detail
  • High-level competency with MS Office and Google Workspace tools
  • Must have the right to work in Brazil

Nice to have

  • Advanced degree (Master’s or above)
  • Additional language skills
  • Strong professional network
  • Experience working in intelligence, geopolitical or security-related disciplines
  • Familiarity and experience with a specific geographic region, ideally aligned with language skills
  • Strong personal initiative, with the ability to take ownership of tasks and deliver solutions under minimal guidance.
  • Familiarity with social media platforms, the gaming industry and legislative issues related to both
  • Experience with mass notification systems, analytical software or OSINT tools including Everbridge, Navigator and Genetec.

Additional Information

Interview process:

  • Initial call with our Talent Acquisition team member
  • Timed written assessment (arranged at the time that suits you) to test writing and analytical capability
  • Panel interview with some of the team members and hiring managers at Sibylline
  • Meet and Greet with the client

Research indicates that certain groups are less likely to apply for a position unless they meet every single requirement. If you feel you meet some of the requirements and can offer a unique perspective to this role, we strongly encourage you to apply; you might be the perfect fit we're looking for! Sibylline is committed to the recruitment and selection of candidates without regard for sexual orientation, gender, ethnicity, age, political beliefs, culture and lifestyle. We are committed to fostering a business culture that reflects these values and promotes equal opportunity.

Brazil
Cybersecurity Operations Analyst – 6.30AM to 3.30PM IST Shift

Duck Creek Technologies

The intelligent solutions provider defining the future of property and casualty (P&C) and general insurance

Full Time | Remote | Team 1,001-5,000 | Since 2000 | H1B Sponsor

  • The Cybersecurity Operations Analyst is responsible for assisting in the design and implementation of cybersecurity controls.
  • Monitor systems by correlating logs for security events and provide alerts for potential incidents.
  • Maintain up-to-date knowledge of emerging threats.
  • Provides Tier 1 support for SOC activities, including incident response, forensics, and reporting.
  • Collaborate with the Cybersecurity Operations team to maintain robust security practices.

India
Job Closed
Senior Security Operations Engineer

Microsoft

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to any characteristic protected by applicable local laws, regulations, and ordinances.

Full Time | Remote | Team 10,001+ | H1B Sponsor

Overview

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world.

Security represents a critical priority for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a secure cloud that protects them with end-to-end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day.

Aligning with Microsoft's mission and the focus of the Microsoft Security organization, this role is an integral part of a larger team dedicated to delivering world-class security operations that contain and evict threat actor activities.

Responsibilities

  • Coordinates with investigators to prioritize investigation objectives, understands attack paths, and systematically executes mitigation and protection actions to evict threat actors for any security incident impacting any of Microsoft’s products or services.
  • Conducts hands-on mitigation where possible; engages service owners when there is a risk of a production outage.
  • Maintains hands-on knowledge of mitigation and protection steps for various asset types (e.g. M365, Azure, AI) and publishes self-service guidance for impacted engineering teams.
  • Briefs executive stakeholders on eviction plans and associated status.
  • Maintains and evolves an inventory of threat actor Tactics, Techniques, and Procedures (TTPs) and the corresponding eviction capabilities.
  • Define and prioritize requirements and use cases for Microsoft’s threat actor eviction platform; operationalize as they are delivered.
  • Drives strategic change to accelerate eviction scenarios (e.g. lean business cases to garner support for broader Microsoft product initiatives or features).

Qualifications

  • 10+ years of hands-on experience working in cybersecurity incident response.
  • Hands-on experience with incident response in Azure or Microsoft 365.
  • Proficient with Kusto data query languages.
  • Ability to work under pressure, structure unstructured problems and provide clarity where ambiguity exists.
  • Ability to operate with autonomy, influence others, and a bias for action.
  • Bachelor's or Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response.

Preferred Qualifications: 10+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response OR equivalent experience.

Other Requirements

Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter. This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled. Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

India
Job Closed