You Are:

A hands-on technical leader who excels in complex investigations. You have deep expertise in Digital Forensics, Incident Response, and threat analysis, and you have the composure to apply it under pressure during active incidents. You are equally comfortable briefing clients in the boardroom and performing deep analysis. You take ownership of investigations, mentor the people around you, and you raise the bar on what world-class incident response looks like.

The Work:

• Conduct complex forensic analysis including advanced memory forensics, malware triage, encrypted artifact recovery, and anti-forensics detection
• Perform host and network digital forensics, log analysis, and threat hunting in support of incident response investigations
• Leverage EDR solutions, cloud platforms (AWS, Azure, GCP), and threat intelligence to identify attacker Tactics, Techniques and Procedures (TTPs)
• Conduct incident response within various Cloud, OT, and traditional enterprise environments
• Develop indicators of compromise and contribute to comprehensive attack timelines
• Create automation tools and scripts that improve team efficiency and investigation capabilities
• Mentor and train 2-4 investigators across multiple cases, building team capability
• Provide quality assurance on investigator findings before Primary Investigator review
• Lead medium to large workstreams (20-50+ systems) with minimal oversight
• Support Primary Investigators with technical decision-making and investigation strategy
• Translate strategic investigation direction into tactical tasks for team execution
• Effectively communicate and interface with customers, both technically and strategically, to customer stakeholders and legal counsel throughout the engagement lifecycle
• Author comprehensively written client reports on investigative findings with defensible conclusions
• Present technical findings in client calls when appropriate
• Support Accenture leadership in properly scoping engagements with innovative methodical approaches

Travel may be required for this role. The amount of travel will vary from 0 to 100% depending on business need and client requirements.

Here's What You Need:

• Bachelor's degree or equivalent (minimum 12 years) work experience. (If Associate's Degree, must have minimum 6 years work experience)
• Minimum 4 years of Digital Forensics, Incident Response (DFIR) experience with demonstrated expertise in complex investigations
• Ability to obtain US security clearances as required by client engagement
• Minimum of 3 years of demonstrated experience in:
  
  • Enterprise incident response, digital forensics and cyber incident investigation processes
  • Common DFIR toolsets (Volatility, X-Ways, FTK, EnCase, Autopsy, etc.)
  • Microsoft Windows, GNU/Linux and MacOS operating systems
  • Memory forensics and malware analysis
  • Developing indicators of compromise and deriving attacker TTPs
  • Leading investigation workstreams and mentoring junior team members
  • Enterprise environments, Active Directory, and common attack patterns
  • Project management, analytical, and client-facing communication skills
  • Solving complex forensic challenges that require advanced techniques
  • Threat hunting on both endpoints and networks
  • Producing accurate, defensible, well-documented analysis
  • Eradication techniques, monitoring improvements, and protection capabilities
  • Developing and implementing dynamic remediation plans in conjunction with incident response engagements

Bonus Points If:

• You have experience with Cloud environments (AWS, Azure, GCP) and cloud-native forensics
• You have experience with OT and ICS environments
• You have proficiency in scripting and programming languages (Python, PowerShell, Bash)
• You have experience with reverse engineering and sandboxing technologies
• You have advanced malware analysis capabilities (unpacking, deobfuscation, behavior analysis)
• You have made contributions to open-source DFIR tools or methodologies
• You have active participation in the security community (conferences, publications, training development)
• You hold security certifications such as GCFA, GCFE, GREM, GCIH, CEH, or similar
• You hold advanced certifications (SANS 500-level, OSCP, OSCE)

Compensation at Accenture varies depending on a wide array of factors, which may include but are not limited to the specific office location, role, skill set, and level of experience. As required by local law, Accenture provides a reasonable range of compensation for roles that may be hired as set forth below.
We anticipate this job posting will be posted until 08/08/2026.

Accenture offers a market competitive suite of benefits including medical, dental, vision, life, and long-term disability coverage, a 401(k) plan, bonus opportunities, paid holidays, and paid time off. See more information on our benefits here:

U.S. Employee Benefits | Accenture

Role Location Annual Salary Range

California $70,350 to $205,800

Cleveland $59,100 to $164,600

Colorado $63,800 to $177,800

District of Columbia $68,000 to $189,300

Illinois $59,100 to $177,800

Maine $54,400 to $151,400

Maryland $63,800 to $177,800

Massachusetts $63,800 to $189,300

Minnesota $63,800 to $177,800

New York $66,300 to $205,800

New Jersey $68,000 to $205,800

Virginia $59,100 to $189,300

Washington $80,200 to $189,300