Detection Engineer
Accenture Federal Services · Arlington, VA · 2 wk ago
Information Technology$91k–$221k/yrFull-time
Responsibilities
- Design, engineer, and implement security detection initiatives under the cybersecurity team lead.
- Develop new detection logic for SIEM (Microsoft Sentinel) and network security platforms (Cisco FirePower, IDS/IPS), incorporating AI-driven tooling where applicable.
- Write and optimize KQL queries for Sentinel to improve detection fidelity and reduce false positives.
- Tune detection sets to raise security-relevant events for triage and response teams.
- Maintain version control of detection logic using Git and GitHub workflows for collaborative development and auditability.
- Bridge the gap between network engineering and cybersecurity teams to advocate for secure network designs and maximize security device capabilities.
- Conduct technical briefings to enhance team awareness of network architecture and detection strategies.
- Collaborate with operations and management to recommend improvements to security posture and ensure compliance with industry and federal standards (e.g., NIST, CISA).
What You Need
- U.S. Citizenship required
- Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience)
- 6 + years experience in information security or equivalent combination of education and work experience
- 2+ years experience performing event and log analysis across enterprise security tools (AV, IDS/IPS, Firewalls, Active Directory, Web Proxies, DLP, SIEM)
- Hands-on experience with:
- Microsoft Sentinel & KQL (minimum 1 year)
- Cisco FirePower and IDS/IPS configuration (minimum 1 year)
- SIEM platforms (Sentinel preferred)
- Detection engineering: designing and tuning signatures for IoCs and IoAs
- Packet and malware analysis using tools like Wireshark
- Git and GitHub for detection code version control and collaborative workflows
- Scripting and parsing (regex, PowerShell, Python, grep, sed, awk)
- TCP/IP, application layer protocols, and Windows/Linux internals
- Mitre ATT&CK framework for detection mapping
Bonus If You Have
- Threat hunting and automation experience
- Familiarity with cloud security monitoring (Azure, AWS)
- Certifications such as GIAC GCIA, GCED, or Microsoft Security Operations Analyst Associate
Pay Range
The pay range for the states of California, Colorado, Hawaii, Illinois, Maine, Maryland, Massachusetts, Minnesota, New Jersey, New York, Vermont, Virginia, Washington, and the District of Columbia, and the city of Cleveland is: $91,300 - $221,100 USD