Cyber Posture Management Senior Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

Meaningful work you’ll be part of

As a Cyber Posture Management Senior Associate, you’ll work as part of a team of problem solvers, helping to solve business issues, deliver high quality client service and operational efficiency. Responsibilities include but are not limited to:

• Continuously monitor the health of security and data protection systems, taking appropriate actions to ensure their optimal performance and integrating new data sources into security and data protection platforms.
• Provide troubleshooting and support for configurations and management of security and data protection systems. And ensure systems are patched and updated to meet security requirements, maintaining optimal performance and compliance. Being available for on-call rotation to address urgent data protection issues and incidents.
• Create and tune policies, enforce policies and best practices, ensuring compliance with industry standards and regulatory requirements. Also, understand and maintain security platforms, ensuring they are used to their full potential.
• Manage and optimize tools and technologies to ensure they are effectively configured, tuned, and updated to protect against emerging threats. Building and maintaining Standard Operating Procedures (SOP), Current State Assessments (CSA), and runbooks for documentation purposes.
• Work closely with client focal points to provide regular updates (weekly/monthly/quarterly). Coordinating with internal and external stakeholders, building and maintaining positive working relationships. And providing knowledge transfer sessions to peers and client personnel as required.
• Stay up to date on the latest trends, threats, and techniques. Conduct research and evaluate new tools and technologies to enhance the organization's security capabilities.
• Lead or participate in incident response activities, including investigating incidents containing threats, and coordinating with other teams for timely resolution.
• Ensure the identification, assessment, reporting, communication, mitigation, and monitoring of security incidents.
• Ensure compliance with SLAs, process adherence, and drive process improvements to achieve operational objectives.
• Revise and develop processes to strengthen the current Operations Framework, reviewing policies and highlighting challenges in managing. Monitoring operational metrics data during reporting periods.
• Implement change requests (CR) that include upgrades and new feature implementations for security tools.

Experiences and skills you’ll use to solve

• Experience in security device management including SIEM, EDR, DLP platforms and/or other security devices including Proxy, Email Security and other security technologies. Expertise in managing and implementing Data Pipeline solutions and a background working in a MSSP and/or SOC environment.
• Technical and Hands-on experience with two or more of the following technologies: Splunk, Azure Sentinel, QRadar, Arcsight, Proofpoint, McAfee Endpoint Protection, Checkpoint, CrowdStrike, Microsoft Purview, Microsoft AIP, Microsoft Defender for Cloud Apps.
• Knowledge of various operating system flavors including but not limited to Windows, MacOS and, Linux
• Minimum 3 years of hands-on experience with two or more of the following technologies including EDR, DP, SIEM and Network Security. Consulting experience in a Big 4 or similar is an asset, and project management experience.
• Business continuity for client systems by maintaining robust protection measures. With the ability to manage a few projects, meet deadlines and manage stakeholder expectations.
• Awareness and adherence to relevant regulatory requirements such as HIPAA, GDPR, PCI-DSS, and others, maintaining compliance across all data protection activities. Technical designations such as CISSP, CISA, CISM, OSCP, CEH, ECSA, GPEN, GWAPT will be considered an advantage.
• Industry certifications from Palo Alto, Microsoft Azure/AWS, Microsoft DLP/AIP are a strong asset.
• A bachelor's degree in a relevant field is often preferred, such as Computer Science, Information Technology, Cybersecurity, or a related discipline.
• Strong verbal and written communication skills to effectively communicate with team members, stakeholders, and management, including the ability to explain technical concepts to non-technical audiences. With experience in performing vendor management. Being able to handle high pressure situations with key stakeholders internally and externally.
• Willingness to adapt to evolving threats and technologies, continuously learning and updating skills to stay ahead of emerging threats in the cybersecurity landscape. With the ability to work effectively in a team environment, collaborating with colleagues from diverse backgrounds and disciplines to achieve common security goals.
• Good analytical, problem solving and interpersonal skills. In addition to technical skills, soft skills such as analytical thinking, communication, problem-solving, teamwork, and adaptability are expected for effectively collaborating with colleagues, communicating with stakeholders, and addressing security challenges.
• PwC Canada is committed to cultivating an inclusive, hybrid work environment. Exact expectations for your team can be discussed with your interviewer-