Accenture Federal Services logo

Security Operations Lead

Apply now
Company name
Accenture Federal Services
(website)
Annual base salary
$126,300 — $243,100
Location

On-site from

Posted on SalaryPine
At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the limitless potential of technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations. Join Accenture Federal Services, a technology company within global Accenture. Recognized as a Glassdoor Top 100 Best Place to Work, we offer a collaborative and caring community where you feel like you belong and are empowered to grow, learn and thrive through hands-on experience, certifications, industry training and more. Join us to drive positive, lasting change that moves missions and the government forward!

Security Operations Lead (SOC Lead)

Role Summary

The Security Operations Lead will oversee all SOC functions and lead a blended team of SOC Analysts and Security Engineers to ensure rapid detection, investigation, and response to security threats. This role is responsible for driving threat hunting, leading major incidents, engineering detection capabilities, and maturing SOC operations to stay ahead of evolving adversary behaviors. The Lead acts as the central coordination point during security events and sets the strategic direction for the SOC to ensure continuous, mission-critical security coverage.

Key Responsibilities

SOC Leadership & Operations

  • Lead day‐to‐day SOC operations, including queue management, alert triage oversight, escalation handling, on‐call rotations, and daily situational reporting.
  • Mentor and develop SOC analysts across tiers; refine SOPs, workflows, and response playbooks.
  • Drive threat hunting activities focused on identifying patterns, outliers, and TTP‐aligned behaviors across host, network, email, and cloud logs.
  • Oversee SIEM dashboarding, alert tuning, log source health, and rule/correlation development to strengthen detection depth.
  • Coordinate with Security Engineering to ensure logging fidelity, sensor coverage, and integration of new technologies.

Incident Response

  • Lead the full lifecycle of incident response: identification, containment, eradication, recovery, forensics support, and post-incident reporting.
  • Perform or direct deep-dive investigations using SIEM, NDR, EDR, packet analysis tools, and forensic artifacts.
  • Provide expert investigative support for large-scale or complex incidents where technical detections may not be available.
  • Guide analysts during high‐severity incidents and act as the primary interface with client leadership and internal stakeholders.
  • Oversee threat intelligence intake and ensure IOCs, adversary behaviors, and campaign indicators are integrated into SOC detections.

Detection Engineering & Threat Analytics

  • Develop and optimize SIEM correlation rules, dashboards, and monitoring logic.
  • Enhance playbooks and automation pipelines to improve consistency and reduce analyst workload.
  • Ensure ongoing alignment to evolving threat actor TTPs, including insider threat and APT-style behaviors.
  • Integrate new data sources into SOC detection pipelines and validate alert efficacy.

Required Qualifications:

  • 8 years of cybersecurity experience, with 3+ years leading SOC or IR teams.
  • Hands-on experience triaging alerts, logs, events, and incident artifacts across enterprise environments.
  • Strong experience with one or more of the following technologies: SIEM (Splunk. Elastic etic), NDR (ExtraHop), EDR/XDR (Trellix), and packet analysis tools.
  • Demonstrated ability to lead incident response for high-severity cybersecurity events.

Preferred Qualifications:

  • Advanced experience in threat hunting, analytics, and adversary behavior profiling.
  • Certifications such as CISSP, GCIH, GCIA, GCED, CEH, or similar.
  • Experience building SIEM/SOAR automations and custom detection content.
  • Familiarity with malware triage, static/dynamic analysis, and IOC development.
  • Experience leading SOCs supporting federal missions or high‐tempo operational environments.
  • Exposure to cloud security monitoring (Azure/AWS/GCP) and SaaS logging integrations.

As required by local law, Accenture Federal Services provides reasonable ranges of compensation for hired roles based on labor costs in the states of California, Colorado, Hawaii, Illinois, Maryland, Massachusetts, Minnesota, New Jersey, New York, Washington, Vermont, the District of Columbia, and the city of Cleveland. The base pay range for this position in these locations is shown below. Compensation for roles at Accenture Federal Services varies depending on a wide array of factors, including but not limited to office location, role, skill set, and level of experience. Accenture Federal Services offers a wide variety of benefits. You can find more information on benefits here. We accept applications on an on-going basis and there is no fixed deadline to apply.

The pay range for the states of California, Colorado, Hawaii, Illinois, Maryland, Massachusetts, Minnesota, New Jersey, New York, Washington, Vermont, the District of Columbia, and the city of Cleveland is:$126,300—$243,100 USD
What We Believe As a company wholly dedicated to serving the US federal government, we bring together the best talent to help reinvent how federal agencies operate and deliver greater value for their mission and the American people. We have an unwavering commitment to creating a culture in which all our people are respected, feel a sense of belonging, and have equal opportunity. As a business imperative, every person at Accenture Federal Services has the responsibility to create and sustain a culture where everyone feels welcomed and included. This is grounded in our core values and our experience that hiring and developing great people who reflect different perspectives, experiences, and backgrounds is key to driving innovation and delivering the results that our clients and the country count on.
Equal Employment Opportunity StatementWe believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities. For details, view a copy of the Accenture Federal Services Equal Opportunity Policy Statement.Accenture Federal Services is an Equal Employment Opportunity employer. Additionally, as an Affirmative Action Employer for Veterans and Individuals with Disabilities, Accenture Federal Services is committed to providing veteran employment opportunities to our service men and women.Requesting An Accommodation Accenture Federal Services is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture Federal Services and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.If you are being considered for employment opportunities with Accenture Federal Services and need an accommodation for a disability or religious observance during the interview process or for the job you are interviewing for, please speak with your recruiter.Other Employment Statements Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States.Candidates who are currently employed by a client of Accenture Federal Services or an affiliated Accenture business may not be eligible for consideration.Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information.California requires additional notifications for applicants and employees. If you are a California resident, live in or plan to work from Los Angeles County upon being hired for this position, please click here for additional important information.
SalaryPine's logo

SalaryPine

Sam Hosseini's photo

Built by Sam Hosseini

© 2026 Borna Oy. 22:46:41
SalaryPine™ aggregates job postings for informational purposes under fair use. All trademarks, logos, and brand names mentioned in the job postings are the property of their respective owners and do not imply endorsement or affiliation.