Back to jobsApply
Accenture Federal Services

Accenture Federal Services is a wholly owned subsidiary of Accenture LLP, focused on serving the US federal government. We have over 30 years of experience and a commitment to creating a culture of respect and belonging.

Detection Engineer

Full TimeRemote

Location

United States

Posted

5 days ago

Salary

Not specified

No structured requirement data.

Job Description

The Detection Engineer will work on the Cyber Incident Response Team (CIRT) within the Information Security organization. Design, engineer, and implement security detection initiatives under the cybersecurity team lead. Develop new detection logic for SIEM (Microsoft Sentinel) and network security platforms (Cisco FirePower, IDS/IPS), incorporating AI-driven tooling where applicable. Write and optimize KQL queries for Sentinel to improve detection fidelity and reduce false positives. Tune detection sets to raise security-relevant events for triage and response teams. Maintain version control of detection logic using Git and GitHub workflows for collaborative development and auditability. Bridge the gap between network engineering and cybersecurity teams to advocate for secure network designs and maximize security device capabilities. Conduct technical briefings to enhance team awareness of network architecture and detection strategies. Collaborate with operations and management to recommend improvements to security posture and ensure compliance with industry and federal standards (e.g., NIST, CISA).

Job Requirements

  • U.S. Citizenship required
  • Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience)
  • 6+ years experience in information security or equivalent combination of education and work experience
  • 2+ years experience performing event and log analysis across enterprise security tools (AV, IDS/IPS, Firewalls, Active Directory, Web Proxies, DLP, SIEM)
  • Hands-on experience with:
  • Microsoft Sentinel & KQL (minimum 1 year)
  • Cisco FirePower and IDS/IPS configuration (minimum 1 year)
  • SIEM platforms (Sentinel preferred)
  • Detection engineering: designing and tuning signatures for IoCs and IoAs
  • Packet and malware analysis using tools like Wireshark
  • Git and GitHub for detection code version control and collaborative workflows
  • Scripting and parsing (regex, PowerShell, Python, grep, sed, awk)
  • TCP/IP, application layer protocols, and Windows/Linux internals
  • MITRE ATT&CK framework for detection mapping
  • Bonus If You Have:
  • Threat hunting and automation experience
  • Familiarity with cloud security monitoring (Azure, AWS)
  • Certifications such as GIAC GCIA, GCED, or Microsoft Security Operations Analyst Associate

Benefits

  • As required by local law, Accenture Federal Services provides reasonable ranges of compensation for hired roles based on labor costs in various states.
  • The base pay range for this position in these locations is $91,300 — $221,100 USD.
  • Accenture Federal Services offers a wide variety of benefits.

Related Categories

Business Development Rep

Related Job Pages

Remote Full-time Jobs (US)More US Remote Jobs