SOC L2 and SOC L3 (Manila) job opportunity at Accenture Plc.

Bachelor's (B.Sc.)

Quezon City, Philippines

Quezon City....Philippines

summarize with Ai

Ready to join Accenture’s team of empowered people? We’re looking for candidates with the following skills and experience for this role. Do you fit the profile? If you do, we’d love to hear from you! In adherence to Accenture’s process of Identity Verification, your resume or CV must include your photo to ensure the accuracy of your application. Who we are: Accenture in the Philippines is a pioneer in Accenture’s global delivery network. Over the past 30 years, we have expanded our capabilities to become a powerhouse company providing end-to-end technology and business services. As part of Accenture’s global footprint in over 120 countries, covering 40-plus industries, we have been working with the biggest companies in the country and around the globe. Innovation, a constant at Accenture, enables us to find new ways to stay ahead of our clients’ challenges. Our inclusive, diverse, and strong culture of equality helps us constantly drive innovation in the workplace. By combining our industry expertise and the deep skills of our people with the latest technologies and our uncompromising high-performance standards, we help organizations grow their business and succeed in the digital age. What’s in it for you? At Accenture you will work on meaningful and innovative projects, powered by the latest technologies. You’ll be immersed in industry best practices such as event-driven architectures and domain-driven designs. Accenture will continually invest in your learning and growth. You'll work with Accenture’s certified practitioners, and Accenture will support you in growing your own tech stack and certifications. SOC L3 Analyst Job Summary: The SOC Level 3 Analyst functions as a senior technical authority within the Security Operations Center, responsible for handling the most complex and high-priority security incidents. This role serves as the primary escalation point for L1 and L2 analysts, providing expert guidance, mentorship, and quality assurance. In addition to leading incident response efforts, the SOC L3 Analyst conducts advanced, periodic threat hunting using a variety of tools, techniques, and intelligence sources to proactively identify malicious activity. The role requires close collaboration with engineering teams, threat intelligence units, incident responders, and client stakeholders to continuously enhance detection, investigation, and response capabilities. Key Responsibilities: Lead investigations of complex security incidents and provide expert-level support to clients and junior SOC analysts Conduct proactive, intelligence-driven threat hunting to detect advanced threats and stay ahead of the evolving threat landscape. Develop, refine, and optimize detection use cases and correlation rules based on new log sources and threat insights. Provide SIEM/SOAR tuning recommendations to improve detection accuracy and reduce false positives. Maintain and enhance incident response playbooks and SOPs to ensure alignment with operational and client needs. Mentor and train L1/L2 analysts on detection techniques, response procedures, and new SOC tools or workflows. Act as a senior technical contact during major incidents and deliver clear, actionable incident reports and recommendations. Drive enhancements in SOC operations by reviewing SLAs, refining workflows, and supporting log learning and detection capability development. SOC Level 2 Analyst Job Summary: The SOC Level 2 Analyst is responsible for conducting in-depth investigations, root-cause analysis, and responding to complex security incidents escalated by Intrusion Analysts. This role includes validating and analyzing security logs, providing expert guidance and mentorship, and collaborating closely with IT, security teams, and Content Engineers to improve and fine-tune detection use-cases. Key Responsibilities Continuously monitor and analyze security alerts and events from SIEM, IDS/IPS, firewalls, and endpoint protection platforms, providing 9x5 support with on-call availability as needed. Perform deep-dive investigations of escalated incidents, determining root cause, impact, and appropriate response. Own the end-to-end resolution process and escalate to Level 3 analysts when required. For validated high or critical incidents, initiates the Major Incident Management process, engage CSIRT and/or external incident response teams, and act as the Singe Point of Contact (SPOC) during the initial response phase. Conduct basic retroactive threat hunting using an Indicator of Compromise (IoC) driven approach to proactively identify potential threats. Work closely with engineering teams to request case updates, whitelisting, and resolve parsing issues. Escalate complex or unresolved issues promptly. Supervise and mentor Intrusion Analysts, conduct quality assurance (QA) reviews of incidents they handle, and guide them on best practices. Maintain clear, concise documentation of incidents, findings, and response actions. Ensure accurate shift handovers and update playbooks, SOPs, and reaction plans regularly. Provide recommendations for enhancing detection logic, SOC processes, and tools. Support the tuning and creation of detection rules and use cases in collaboration with Content Engineers. Generate ad-hoc reports based on client or management requests and ensure effective communication with relevant stakeholders throughout the incident lifecycle.