Security Architect

Accenture · Bengaluru

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Secure AI
Good to have skills : NA
Minimum 7.5 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary:
Seeking a forward-thinking professional with an AI-first mindset to design, develop, and deploy enterprise-grade solutions using Generative and Agentic AI frameworks that drive innovation, efficiency, and business transformation.
We are seeking an operationally strong AI SOC Lead with 9+ years of experience with deep expertise in security operations, detection engineering, incident response, and AI security monitoring. This role is ideal for professionals who thrive in fast-paced environments and are passionate about securing modern AI/ML and GenAI ecosystems. You will lead SOC operations for AI-aware environments, strengthen detection and response capabilities for LLM applications, AI agents, model APIs, orchestration platforms, and AI data pipelines, and guide the organization's AI monitoring strategy at both strategic and technical levels. The ideal candidate demonstrates strong leadership, advanced SOC and threat detection expertise, and a practical understanding of AI-specific attack patterns, cloud-native telemetry, and incident response excellence.
Roles & Responsibilities
Lead AI-driven solution design and delivery by applying GenAI and Agentic AI to address complex business challenges, automate processes, and integrate intelligent insights into enterprise workflows for measurable impact.
Lead day-to-day SOC monitoring, triage, investigation, escalation, and incident handling activities, with a priority focus on AI/GenAI systems, platforms, and telemetry sources.
Own and mature the AI detection strategy, driving the development, optimization, and continuous improvement of AI-focused detection use cases for threats such as prompt injection, jailbreak attempts, malicious prompt chaining, tool or plugin misuse, model misuse, unauthorized model access, and sensitive data leakage.
Define, establish, and enforce AI-specific incident response playbooks and runbooks, covering triage, containment, eradication, recovery, escalation, evidence preservation, communication protocols, and post-incident lessons learned for AI-related abuse and exposure scenarios.
Establish AI logging and telemetry standards in partnership with engineering teams, covering prompt logs, inference metadata, token usage, tool invocation trails, retrieval traces, guardrail events, and governance audit trails.
Lead complex investigations involving AI services across endpoints, identities, APIs, cloud workloads, and AI platforms, ensuring accurate classification, timely escalation, effective containment, and clear stakeholder communication.
Map AI attacker behaviors to recognized adversary and attack frameworks, and translate threat intelligence into actionable detection logic, investigation guidance, and proactive threat-hunting hypotheses.
Oversee alert tuning and false-positive reduction across SIEM, XDR, EDR, UEBA, and NDR pipelines to improve alert fidelity, prioritization, and analyst efficiency for AI-related incidents.
Lead AI threat hunting initiatives across AI workload telemetry, cloud control plane logs, identity signals, endpoint visibility, and application events to identify emerging attack paths and unknown abuse patterns.
Partner with cloud, platform, DevSecOps, and engineering teams to onboard AI telemetry sources and improve end-to-end SOC visibility across AI services, Kubernetes, serverless environments, gateways, APIs, and supporting data layers.
Produce executive summaries, operational dashboards, root cause analyses, and post-incident reporting, while defining and tracking AI detection KPIs such as MTTD, MTTR, alert fidelity, detection effectiveness, and coverage gaps to continuously improve SOC performance and AI monitoring maturity.
Mentor and guide SOC analysts through investigation quality reviews, improved case handling, AI security monitoring best practices, and operational decision-making during high-pressure incidents.
Drive SOC maturity initiatives including detection-as-code adoption, automation expansion, purple-teaming feedback loops, KPI/KRI-driven reporting, and the long-term AI-aware SOC monitoring roadmap.

Professional & Technical Skills
Strong grasp of Generative and Agentic AI, prompt engineering, and AI evaluation frameworks. Ability to align AI capabilities with business objectives while ensuring scalability, responsible use, and tangible value realization. The candidate should be AI Native.
Strong leadership experience in SOC operations, including triage governance, escalation management, incident coordination, operational quality control, and analyst enablement.
Advanced expertise in SIEM platforms such as Splunk, Microsoft Sentinel, QRadar, or Elastic, with strong hands-on capability in SPL, KQL, detection engineering, and content development.
Deep understanding of cloud security operations across AWS, Azure, and GCP, including visibility across identities, APIs, workloads, control planes, and containerized environments.
Strong knowledge of AI/GenAI security monitoring requirements across LLM applications, AI agents, orchestration layers, model APIs, retrieval pipelines, RAG workflows, and vector database telemetry.
Proven ability to convert AI threat patterns into operational detections and response workflows for prompt attacks, jailbreaks, tool misuse, anomalous token consumption, model or API abuse, and data leakage scenarios.
Experience with EDR, XDR, SOAR, UEBA, and NDR, and related security operations tooling, including orchestration of enrichment, containment, and investigation support actions.
Strong incident response lifecycle knowledge, including evidence preservation, containment coordination, eradication support, recovery validation, PIR, and lessons learned processes.
Hands-on threat hunting capability with the ability to build and test hypotheses across AI, cloud, identity, endpoint, and application telemetry.
Strong stakeholder management and communication skills across cyber defense, platform engineering, cloud operations, application owners, governance, privacy, legal, and leadership teams.
Strong reporting and metrics mindset, with experience defining and using performance indicators such as MTTD, MTTR, coverage gaps, alert quality, detection fidelity, and analyst readiness.
Good understanding of attacker tradecraft, adversary simulation concepts, and AI-specific abuse scenarios relevant to modern SOC environments.
Preferred certifications include CompTIA CySA+, Microsoft Certified: Security Operations Analyst Associate (SC-200) (SOC operations with Azure Sentinel AI), CompTIA SecAI+, SANS SEC598 – AI and Security Automation or any relevant certification, CISSP, CISM.

Additional Information
Employment Type: Full-time
Location: Bengaluru, Hyderabad, Pune, Chennai, Mumbai, Gurugram (Gurgaon), Jaipur
Education Requirement: 15 years of full-time education is required. AI Powered Tech Talent

About Accenture

Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.

Visit us at www.accenture.com 

Equal Employment Opportunity Statement


We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.

Security pay context

Based on 1,675 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $113K and $183K (10th–90th percentile: $91K–$216K).
