PwC is looking for an experienced technical candidate to lead and support our Cyber Managed Service clients and Security Operations Center Team, an essential part of our world-class managed services portfolio. In this role, you will be part of a team leading client-centric program development, analytics, innovation, response, and delivery. A career in PwC’s rapidly growing Cyber Managed Services practice will provide you the opportunity to help define how we solve our clients’ most critical cyber-related challenges and allow them to thrive and focus on their core business.

As a Cyber Ops Sr. Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this level include but are not limited to:

● Invite and provide in-the-moment feedback in a constructive manner.
● Share and collaborate effectively with others, creating a positive team spirit.
● Identify and make suggestions for improvements when problems and/or opportunities arise.
● Validate data and analysis for accuracy and relevance.
● Follow risk management and compliance procedures.
● Keep up-to-date with developments in my area of specialty.
● Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
● Seek opportunities to learn about the wider economy alongside the business models/corporate governance and/or regulatory environment of our clients.
● Uphold the firm's code of ethics and business conduct.

Basic Qualifications:

Minimum Degree Required: Bachelor’s Degree

Minimum Years of Experience: Five (5) or more

Certification(s) Preferred: GSEC, GCDA, SEC+, Network+, Certified Incident Handler (GCIH), Certified Intrusion Analyst (GIAC), CCNA-Security, CEH, CISSP, CTIA

Preferred Knowledge/Skills:

Demonstrates knowledge, leadership, and/or a proven record of success in the following areas:

● Networking and applying Network Principles (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture
● Applying Incident Response Frameworks and Handling Procedures
● Threat Hunting/Threat Intelligence (Hypothesis and IOC)
● SIEM/SOAR Engineering and Administration
● Malware Analysis (Static and Dynamic)
● Fluency with the cyber attack lifecycle and/or the tactics, techniques, and procedures of threat actors
● Information security, compliance, assurance, and/or other security best practices and principles
● Possessing and fostering an inquisitive mindset amongst team members

Demonstrates abilities, leadership, and/or a proven record of success in the following areas:

● Working in a global team environment in an assigned shift, ensuring holiday coverage aligns with client schedules
● Leading daily huddles, shift handovers, preparing reports or providing inputs for reports as assigned
● Acting as a shift leader, monitoring and responding to alert queues, distributing alerts to analysts, monitoring SLA adherence, and working in an evolving environment with multiple priorities
● Acting as the escalation point for Level 1 analysts based on the defined processes; leading investigations into SIEM, EDR, Email Security, DLP and Phishing security issues and determining if a security concern is present, escalating to client security teams or Cyber Ops leadership as appropriate
● Monitoring and analyzing alerts from a wide array of security devices and systems, such as SIEMs, Firewalls, IDS/IPS systems, network and perimeter devices, Endpoint Detection and Response (EDR) platforms, etc.
● Applying the security incident response process: identification, containment and remediation on a 24x7 basis as well as maintaining a willingness to provide suggestions for process improvement
● Applying scripting language skills in Python or PowerShell to investigations or triage workflow
● Preparing materials (reports, presentations, spreadsheets, etc.) to help enable informed decision making
● Acquiring and utilizing knowledge on new technologies and solutions, exploits, attack vectors, emerging threats, and vulnerabilities
● Running and analyzing vulnerability scans per client schedules
● Analyzing and working with SIEMs, proxy tools, network security devices, IAM, DLP, Windows, *NIX, and application logs, and cloud security monitoring tools and services
● Researching and communicating information regarding the security threat landscape to team members, leadership, and clients
● Contributing to an environment of information sharing as well as acting as a coach for lower-level, more junior analysts
Job Title
Cybersecurity Analyst