CD-Cyber Security- SIEM -Splunk/SOAR /Sentinel/ArcSight - Associate 2- Bangalore

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Associate

Job Description & Summary

A career in our Advisory Service Delivery Centre is the natural extension of PwC’s leading class global delivery capabilities. We provide premium, cost effective, high quality services that support process quality and delivery capability in support for client engagements.

Responsibilities

As an Associate, you’ll work as part of a team of problem solvers with extensive consulting and industry experience, helping our clients solve their complex business issues from strategy to execution. Specific responsibilities include but are not limited to:

• Proactively assist the team in various aspects of the project
• Prepare deliverables
• Contribute to the development of your own and team’s technical acumen
• Keep up to date with local and national business and economic issues
• Ensure you are adhering to compliance matters
• Work on developing internal relationships and your PwC brand

Year of Experience

2-4 Years

Position Requirements

Minimum of 2-4years of prior experience in SIEM Technologies, Information Security Expertise in SIEM

solutions like Splunk, ArcSight and Azure Sentinel Tools.

Expertise in building use cases around NIST and MITRE ATT&CK framework to enable detection at

various stages of a cyber-attack.

• Implementation of use cases using SPL/KQL with complex correlation across different data sources.

• Development of dashboards/workbooks, alerts.

• Implementation of SOAR workflows using Logic Apps, Phantom, Demisto etc.

Preferred Knowledge

• Basic knowledge of User Entity Behavior, Machine Learning models.

• Scripting knowledge of python is an added advantage.

• Assist in administration, maintenance, and optimization of the Splunk Enterprise and Splunk ES.

• Integrating log sources with Sentinel using REST API.

• Working knowledge of all architectural components of SIEM

• Knowledge about cloud environment and hybrid environments

Working knowledge in Azure services like Security center, azure monitor, log analytics, NSG, Storage,

Azure Functions,defender ATP, etc.

•

Preferred Skill

SIEM Technologies, Information Security Expertise in SIEM solutions like Splunk, ArcSight and Azure

Sentinel Tools.

• KQL/SPL

Professional and Educational Background
• Bachelor's Degree Preferred

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date