Threat Management Consultant Accenture Middle East

Overview

The Threat Management Consultant provides advanced technical delivery and operational ownership for Threat Intelligence, Threat Detection & Response, SOAR automation, and Vulnerability Management platforms primarily Anomali ThreatStream, Anomali Match, FortiSOAR, and Tenable Security Center (VA). This role ensures effective Solution Operation and Management, leads Incident and Problem Management, performs Root Cause Analysis (RCA), and drives service quality improvement and continuous value addition while supporting audits and maintaining strong service leadership.

Key Responsibilities

Threat Intelligence Operations (Anomali ThreatStream)

• Manage and optimize Threat Intelligence Feeds Collection and ingestion pipelines via Anomali ThreatStream.

• Configure, validate, and maintain TI feed connectors, enrichment rules, and normalization mappings.

• Ensure high-quality threat intel lifecycle management including curation, deduplication, scoring, and dissemination.

Threat Detection & Response (Anomali Match / Darktrace)

• Operate and tune Anomali Match use-cases for threat detection, correlation, and response workflows.

• Support security monitoring, triage, and investigation activities; improve detection logic based on trends and incidents.

• Leverage Darktrace operational experience to enhance detection fidelity and response outcomes.

SOAR Automation (FortiSOAR)

• Own day-to-day operations of the SOAR solution (FortiSOAR) including playbooks, workflows, integrations, and automation governance.

• Build and maintain orchestration workflows for alert triage, enrichment, containment, and remediation.

• Integrate SOAR with security tools and data sources (SIEM/EDR/Email/Sandbox/Threat Intel/Vulnerability platforms) to reduce MTTR.

Vulnerability Management (Tenable Security Center / VA)

• Operate and enhance Vulnerability Assessment processes using Tenable Security Center (or equivalent Tenable tools).

• Support asset coverage, scan schedules, credentialed scanning, remediation validation, and risk-based prioritization.

• Produce vulnerability reporting dashboards and metrics aligned to SLA/KPI requirements.

Incident, Problem Management & RCA

• Lead Incident and Problem Management, ensuring prompt resolution and effective stakeholder communication.

• Conduct Root Cause Analysis (RCA), document findings, and implement corrective and preventive actions.

• Drive continual reduction of recurring incidents through process and automation improvements.

Service Operations, Health Checks & Upgrades

• Perform platform health checks, capacity monitoring, and performance optimization.

• Plan and execute patching and upgrade activities (including regression validation and rollback planning).

• Maintain service documentation (runbooks, SOPs, playbooks) and ensure operational readiness.

Quality, Compliance & Audit Support

• Support internal/external audits by maintaining evidence, logs, change records, and configuration baselines.

• Ensure adherence to operational governance, change management, and security standards.

• Drive Service Quality Improvement initiatives and deliver continuous value addition through measurable enhancements.

Required Skills & Experience

• 5 7 years of hands-on experience in Security Operations / Threat Management / SOC Engineering / Incident Response.

• Strong operational experience with:

  • Anomali ThreatStream (Threat Intelligence Feeds Collector / TI platform operations)

  • Anomali Match (Threat Detection and Response)

  • FortiSOAR (SOAR solution operations, playbooks, orchestration)

  • Tenable Security Center (Vulnerability Management / VA operations)

  • Darktrace (Operational experience)

• Proven expertise in:

  • Incident & Problem Management, RCA, SLA/KPI tracking

  • Threat intel ingestion/orchestration workflows and automation

  • Security tooling integration, APIs, connectors, and workflow automation concepts

  • Service operations best practices (ITIL-aligned preferred)