Managed Services - Cyber - Security Analysts - Senior Associate - Operate

Job Description

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. Senior Associate Cyber Managed Service Job Description PwC is looking for an experienced technical candidate to lead, and support, our Cyber Managed Service clients and Security Operations Center Team, an essential part of our world-class managed services portfolio. In this role, you will be part of a team leading client-centric program development, analytics, innovation, response, and delivery. A career in PwC’s rapidly growing Cyber Managed Services practice will provide you the opportunity to help define how we solve our clients’ most critical cyber-related challenges and allow them to thrive and focus on their core business. Responsibilities As a Cyber Ops Sr. Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this level include but are not limited to: Invite and provide in-the-moment feedback in a constructive manner. Share and collaborate effectively with others, creating a positive team spirit. Identify and make suggestions for improvements when problems and/or opportunities arise. Validate data and analysis for accuracy and relevance. Follow risk management and compliance procedures. Keep up-to-date with developments in my area of specialty. Communicate confidently in a clear, concise and articulate manner - verbally and in written form. Seek opportunities to learn about the wider economy alongside the business models/corporate governance and/or regulatory environment of our clients. Uphold the firm's code of ethics and business conduct. Basic Qualifications Minimum Degree Required: Bachelor’s Degree Minimum Years of Experience: Five (5) or more Certification(s) Preferred: GSEC, GCDA, SEC+, Network+, Certified Incident Handler (GCIH), Certified Intrusion Analyst (GIAC), CCNA-Security, CEH, CISSP, CTIA Preferred Knowledge/Skills: Demonstrates knowledge, leadership, and/or a proven record of success in the following areas: Networking and applying Network Principles (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture Applying Incident Response Frameworks and Handling Procedures Threat Hunting/Threat Intelligence (Hypothesis and IOC) SIEM/SOAR Engineering and Administration Malware Analysis (Static and Dynamic) Fluency with the cyber attack lifecycle and/or the tactics, techniques, and procedures of threat actors Information security, compliance, assurance, and/or other security best practices and principles Possessing and fostering an inquisitive mindset amongst team members Demonstrates abilities, leadership, and/or a proven record of success in the following areas: Working in a global team environment in an assigned shift, ensuring holidays coverage aligns with client schedules Leading daily huddles, shift handovers, preparing reports or providing inputs for reports as assigned Acting as a shift leader, monitoring and responding to alert queues, distributing alerts to analysts, monitoring SLA adherence, and working in an evolving environment with multiple priorities. Acting as the escalation point for Level 1 analysts based on the defined processes; leading investigations into SIEM, EDR, Email Security, DLP and Phishing security issues and determining if a security concern is present, escalating to client security teams or Cyber Ops leadership as appropriate Monitoring and analyzing alerts from a wide array of security devices and systems, such as SIEM’s, Firewalls, IDS/IPS systems, network and perimeter devices, Endpoint Detection and Response (EDR) platforms, etc. Applying the security incident response process: identification, containment and remediation on a 24x7 basis as well as maintaining a willingness to provide suggestions for process improvement. Applying scripting language skills in Python or PowerShell to investigations or triage workflow Preparing materials (reports, presentations, spreadsheets, etc.) to help enable informed decision making Acquiring and utilizing knowledge on new technologies and solutions, exploits, attack vectors, emerging threats, and vulnerabilities Running and analyzing vulnerability scan per client schedules Analyzing and working with SIEMs, proxy tools, network security devices, IAM, DLP, Windows, *NIX, and application logs, and cloud security monitoring tools and services Researching and communicating information regarding the security threat landscape to team members, leadership, and clients Contributing to an environment of information sharing as well as acting as a coach for lower-level, more junior analysts. Tools Knowledge SentinelOne, Splunk, MS Sentinel, MS Defender EDR, CrowdStrike, Cortex XDR, Palo Alto XSOAR, Phantom, O365, Proofpoint, DLP SentinelOne Play a critical role in proactively detecting, analyzing, and responding to cybersecurity threats using SentinelOne SIEM platforms. Lead the investigation of complex security incidents, perform in-depth threat analysis, and guide junior analysts (L1) during triage and escalation processes. Experience in building and optimizing dashboards, creating and managing watchlists, writing and fine-tuning queries, and developing detection rules aligned with current threat intelligence and MITRE ATT&CK use cases.