SIEM Engineer

Accenture

About Accenture

Accenture is a leading solutions and services company that helps the world’s leading enterprises reinvent by building their digital core and unleashing the power of AI to create value at speed across the enterprise, bringing together the talent of our approximately 786,000 people, our proprietary assets and platforms, and deep ecosystem relationships. Our strategy is to be the reinvention partner of choice for our clients and to be the most client-focused, AI-enabled, great place to work in the world. Through our Reinvention Services we bring together our capabilities across strategy, consulting, technology, operations, Song and Industry X with our deep industry expertise to create and deliver solutions and services for our clients. Our purpose is to deliver on the promise of technology and human ingenuity, and we measure our success by the 360° value we create for all our stakeholders. Visit us at www.accenture.com.

Join Accenture and help transform leading organisations and communities around the world. The sheer scale of our capabilities and client engagements and the way we collaborate, operate and deliver value provides an unparalleled opportunity to grow and advance. Choose Accenture and make delivering innovative work part of your extraordinary career.

About the role

We are seeking an experienced SIEM Engineer to provide technical leadership and delivery accountability across enterprise SIEM, SOAR, log aggregation, threat detection, and monitoring capabilities.

This role is accountable for the architecture, design, implementation, testing, and operationalisation of SIEM and SOAR platforms, working across security operations, infrastructure, application, threat intelligence, ITSM, and monitoring teams to deliver secure, scalable, and supportable outcomes.

What you'll be responsible for

  • Own the end-to-end technical delivery of SIEM and SOAR capabilities, including architecture, design, implementation, testing, and operational handover.

  • Define and govern target-state SIEM and SOAR architecture across log collection, aggregation, ingestion, parsing, enrichment, detection engineering, alerting, case management, and automation.

  • Lead design and implementation of Splunk and Elastic platform capabilities, including data onboarding, index strategy, field mapping, dashboards, alerting, and operational controls.

  • Define log source onboarding patterns for infrastructure, applications, security tools, cloud platforms, network devices, identity platforms, and endpoint security controls.

  • Lead development of detection use cases, correlation rules, threat hunting capabilities, and SOC monitoring content aligned to priority threats and operational requirements.

  • Design and govern SOAR playbooks for triage, enrichment, escalation, containment, remediation support, evidence capture, and incident workflow automation.

  • Oversee integration with ITSM systems for ticket creation, workflow management, incident escalation, service reporting, and operational traceability.

  • Oversee integration of threat intelligence feeds and enrichment sources into detection, investigation, hunting, and response workflows.

  • Manage integrations with upstream log sources and downstream monitoring, reporting, SOC, incident response, and governance systems.

  • Provide technical leadership to SIEM developers, analysts, testers, and operational support teams.

  • Manage technical risks, data quality issues, ingestion gaps, platform performance constraints, and operational readiness dependencies.

  • Review and approve architecture artefacts, detailed designs, onboarding standards, use case documentation, playbooks, test evidence, and operational runbooks.

What we're looking for

  • Demonstrated experience in SIEM engineering, security operations, security architecture, cyber detection engineering, or security platform delivery roles.

  • Proven experience leading enterprise SIEM and SOAR implementations in complex environments.

  • Deep understanding of log aggregation, ingestion pipelines, parsing, normalisation, enrichment, correlation, alerting, dashboards, and operational monitoring.

  • Strong experience designing detection use cases, SOC workflows, SOAR playbooks, threat intelligence integration, and threat hunting capabilities.

Security Clearance

Current Australian Government security clearance (Baseline, NV1 or higher), or

Eligibility and willingness to undergo security clearance.

  • What we’re looking for

    • 2–4 years’ experience in IAM / security engineering / related platform roles.

    • 1–2+ years’ experience with Keycloak (or equivalent IdP), plus strong fundamentals in OIDC/OAuth2 and/or SAML.

    • Familiarity with directory concepts and LDAP integration.

    • Strong attention to detail and delivery discipline.

    Security Clearance

    • Current NV2 Security Clearance

    Must be willing to work onsite 5 days a week

    Benefits of working at Accenture

    • 18 weeks paid parental leave
    • Long & short-term career break opportunities
    • Structured career development program
    • Local and international career opportunities
    • Certified as a Family Inclusive Workplace
    • Flexible Work Arrangements - centered around Accenture’s Truly Human ethos and our commitment to supporting the health and wellbeing of our people.
    • We are proud to be in the top 3 of last year’s Diversity & Inclusion Index!

    We are a WORK180 Endorsed Employer.

    All our consulting professionals receive comprehensive training covering business acumen, technical and professional skills development. You’ll also have opportunities to hone your functional skills and expertise in an area of specialization. We offer a variety of formal and informal training programs at every level to help you acquire and build specialized skills faster. Learning takes place both on the job and through formal training conducted online, in the classroom, or in collaboration with teammates. The sheer variety of work we do, and the experience it offers, provide an unbeatable platform from which to build a career.

    Accenture is an EEO and Affirmative Action Employer of Females/Minorities/Veterans/Individuals with Disabilities.

    Equal Employment Opportunity Statement for Australia

    At Accenture, we recognise that our people are multi-dimensional, and we create a work environment where all people feel like they can bring their authentic selves to work, every day.

    Our unwavering commitment to inclusion and diversity unleashes innovation and creates a culture where everyone feels they have equal opportunity. Our range of progressive policies support flexibility in ‘where’, ‘when’ and ‘how’ our people work to ensure that Accenture is an organisation where you can strive for more, achieve great things and maintain the balance and wellbeing you need.

    We encourage applications from all people, and we are committed to removing barriers to the recruitment process and employee lifecycle. All employment decisions shall be made without regard to age, disability status, ethnicity, gender, gender identity or expression, religion or sexual orientation and we do not tolerate discrimination. If you require adjustments to the recruitment process or have a preferred communication method, please email [email protected] and cite the relevant Job Number, or contact us on +61 2 9005 5000.

    To ensure our workplace is inclusive and diverse we are setting bold goals and taking comprehensive action. To achieve these goals, we collect information that allows us to track the effectiveness of our Inclusion and Diversity programs. Learn how Accenture protects your personal data and know your rights in relation to your personal data. Read more about our Privacy Statement.
