AC Cyber Managed Services - Senior Associate - Operate

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Advisory - Other

Management Level

Senior Associate

Job Description & Summary

A career in our Managed Services team will provide you an opportunity to collaborate with a wide array of teams to help our clients implement and operate new capabilities, achieve operational efficiencies, and harness the power of technology.

Our Cyber Managed Services team will provide you with the opportunity to help our clients implement effective cybersecurity programs that protect against threats, propel transformation, and drive growth. As companies continue their transformations to digital business models, exponentially more data is generated and shared among organizations, partners and customers. You'll play an integral role in helping our clients protect their businesses by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and mitigate risks while increasing the value they derive from their cybersecurity investments.

Our threat detection and response managed services team helps organizations through end to end support for their Security Operation Center from operating model and architectural design and implementation to ongoing operations with automation and operational improvements.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Use feedback and reflection to develop self awareness, personal strengths and address development areas.
• Delegate to others to provide stretch opportunities, coaching them to deliver results.
• Demonstrate critical thinking and the ability to bring order to unstructured problems.
• Use a broad range of tools and techniques to extract insights from current industry or sector trends.
• Review your work and that of others for quality, accuracy and relevance.
• Know how and when to use tools available for a given situation and can explain the reasons for this choice.
• Seek and embrace opportunities which give exposure to different situations, environments and perspectives.
• Use straightforward communication, in a structured way, when influencing and connecting with others.
• Able to read situations and modify behavior to build quality relationships.
• Uphold the firm's code of ethics and business conduct.

PwC is looking for an experienced technical candidate to lead, and support, our Cyber Managed Service clients and Security Operations Center Team, an essential part of our world-class managed services portfolio. In this role, you will be part of a team leading client-centric program development, analytics, innovation, response, and delivery. A career in PwC’s rapidly growing Cyber Managed Services practice will provide you the opportunity to help define how we solve our clients’ most critical cyber-related challenges and allow them to thrive and focus on their core business.

You will be working with, and providing guidance to, a team residing locally in PwC’s Mexico facility responsible for the delivery of premium Cyber Managed Services including, but not limited to, 1) Threat Detection and Response, 2) Vulnerability Management, 3) Identity and Access Management.

Daily working hours 10 AM  -7 PM MEX time, with one of the days of the shift being a weekend day (Sun - Thur or Tues - Sat). In office days are "tentatively" scheduled to be Tuesday-Thursday.

This role requires working from the PwC office three days per week.

As a Cyber Ops Sr. Associate, PwC professional skills and responsibilities for this level include but are not limited to:

· Invite and provide in-the-moment team member feedback in a constructive manner.

· Share and collaborate effectively with others, creating a positive team spirit.

· Identify and make suggestions for improvements when problems and/or opportunities arise.

· Validate data and analysis for accuracy and relevance.

· Follow risk management and compliance procedures.

· Communicate confidently in a clear, concise and articulate manner - verbally and in written form.

· Directly engage clients assisting to resolve complex issues beyond L1 support capabilities.

· Uphold the firm's code of ethics and business conduct.

Basic Qualifications:

Minimum Degree Required:

· Bachelor’s Degree

· Associate’s Degree with related experience

Minimum Years of Experience: Four (4) or more

Certification(s) Preferred: GSEC, GCDA, SEC+, Network+, Certified Incident Handler (GCIH), Certified Intrusion Analyst (GIAC), CCNA-Security, CEH, CISSP

Preferred Knowledge/Skills:

Demonstrates knowledge, leadership, and/or a proven record of success in the following areas:

· Networking and applying Network Principles (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture

· Applying Incident Response Frameworks and Handling Procedures

· Strong experience with the use of Vulnerability Management tools (e.g. Qualys, Nessus, Rapid7, and Tenable SC)

· Fluency with the cyber-attack lifecycle and/or the tactics, techniques, and procedures of threat actors

· Information security, compliance, assurance, and/or other security best practices and principles

· Possessing and fostering an inquisitive mindset amongst team members

· Containing the ability to mentor, and train, L1 IT security professionals on security processes, procedures, and best practices related to the Cyber Managed Services delivered by PwC.

· Review your work and that of others for quality, accuracy and relevance.

· Delegate to others to provide stretch opportunities, coaching them to deliver results.

· Demonstrate critical thinking and the ability to bring order to unstructured problems.

Demonstrates abilities, leadership, and/or a proven record of success in the following areas:

· Working in a global team environment in an assigned shift, ensuring holidays coverage aligns with client schedules

· Leading daily huddles, shift handovers, preparing reports or providing inputs for reports as assigned

· Acting as a shift leader, monitoring and responding to alert queues, distributing alerts to analysts, monitoring SLA adherence, and working in an evolving environment with multiple priorities

· Acting as the escalation point for Level 1 analysts based on the defined processes; leading investigations into SIEM, DLP, Host (endpoint) security issues and determining if a security concern is present, escalating to client security teams or Cyber Ops leadership as appropriate

· Monitoring and analyzing alerts from a wide array of security devices and systems, such as SIEM’s, Firewalls, IDS/IPS systems, network and perimeter devices, Endpoint Detection and Response (EDR) platforms, etc.)

· Applying the security incident response process: identification, containment and remediation on a 24x7 basis as well as maintaining a willingness to provide suggestions for process improvement

· Applying scripting language skills in Python or PowerShell to investigations or triage workflow

· Preparing materials (reports, presentations, spreadsheets, etc.) to help enable informed decision making

· Acquiring and utilizing knowledge on new technologies and solutions, exploits, attack vectors, emerging threats, and vulnerabilities

· Running and analyzing vulnerability scans per client schedules

· Demonstrating experience driving the configuration of vulnerability assessment tools, including the integration of feedback from IT owners to reduce false positives

· Demonstrating experience performing analysis and prioritization of identified vulnerabilities and remediation recommendations

· Demonstrating experience preparing vulnerability data and reports for technical and executive audiences

· Demonstrating experience with end-to-end Vulnerability Management processes and tools including host-based applications scanners, patch management, GRC tools and ITSM

· Analyzing and working with SIEMs, proxy tools, network security devices, IAM, DLP, Windows, *NIX, application logs. and cloud security monitoring tools and services

· Researching and communicating information regarding the security threat landscape to team members, leadership, and clients

· Contributing to an environment of information sharing as well as acting as a coach for lower-level, more junior analysts.

Travel Expectations: Less than 10%

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor Degree

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Client Security, Incident Response, Information Technology Security, Management Process, Security Incident Response, Teamwork, Threat Detection

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date