Experienced Associate – SIEM/SOAR Engineering - SecOps [US Client]
Job Description
- Python scripting for automation
- Security architecture, tool integration, API development, and automation
- Operating system internals (Linux and Windows)
- User Entity Behavior and basic Machine Learning models
- SIEM and SOAR architectural components
- Google SecOps, cloud and hybrid environments
- Threat intelligence and threat hunting
- Widget and dashboard development
- MITRE framework
- SIEM technologies (Splunk, QRadar, Sentinel, etc.)
- SOAR technologies (Phantom, Cortex XSOAR, Siemplify, etc.)
- Information Security expertise
- API programming and Python
- Support exploration and implementation of Generative AI models to enhance detection logic, log summarization, and threat triage.
- Hands-on experience with Google SecOps SIEM and SOAR technologies.
- Develop custom parsers for log ingestion and troubleshoot log sources.
- Create and tune security detections using YARA-L.
- Build and maintain automation playbooks (low-code/no-code).
- Integrate apps and systems with Google SecOps.
- Improve security processes and workflows through Google SOAR automation.
- Support incident triage and response playbook development.
- Reduce analysis time for security events.
- Design, implement, and maintain security systems.
- Analyze vulnerabilities and mitigate risks.
- Ensure compliance with industry standards.
- Conduct security audits and recommend posture enhancements.
- Bachelor’s Degree (preferred).
- Knowledge of Information Security and Data Protection.
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.
As a security engineer at PwC you will design, implement, and maintain security systems to protect an organisation's digital assets. You will analyse potential vulnerabilities, develop strategies to mitigate risks, and confirm compliance with industry standards and regulations. Additionally, you will conduct security audits and provide recommendations for enhancing the overall security posture.
Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities.
Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:
- Apply a learning mindset and take ownership for your own development.
- Appreciate diverse perspectives, needs, and feelings of others.
- Adopt habits to sustain high performance and develop your potential.
- Actively listen, ask questions to check understanding, and clearly express ideas.
- Seek, reflect, act on, and give feedback.
- Gather information from a range of sources to analyse facts and discern patterns.
- Commit to understanding how the business works and building commercial awareness.
- Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements.
We are looking for an Experienced Associate with hands-on experience in Google SecOps SIEM and SOAR technologies to join our Cybersecurity team. The ideal candidate will support the development of custom parsers for log ingestion, assist in troubleshooting log sources, and contribute to the creation and tuning of detections using YARA-L. You will help build and maintain playbooks using low-code or no-code automation, and participate in integrating apps/systems with Google SecOps, leveraging both standard and custom integrations.
You will collaborate in the assessment and improvement of processes and workflows, focusing on automation through Google SOAR tools. Responsibilities include integrating new logging sources, supporting playbook development for incident triage and response, and helping reduce analysis time for security events.
Preferred Knowledge:
- Python scripting for automation
- Security architecture, tool integration, API development, and automation
- Operating system internals (Linux and Windows)
- User Entity Behavior and basic Machine Learning models
- SIEM and SOAR architectural components
- Google SecOps, cloud and hybrid environments
- Threat intelligence and threat hunting
- Widget and dashboard development
- MITRE framework
Preferred Skills:
- SIEM technologies (Splunk, QRadar, Sentinel, etc.)
- SOAR technologies (Phantom, Cortex XSOAR, Siemplify, etc.)
- Information Security expertise
- API programming and Python
Generative AI in Security:
- Support the exploration and implementation of Generative AI models to enhance detection logic, log summarization, and threat triage.
Education:
Bachelor’s Degree preferred.
- Understand the importance of have a correct information management
- Knowledge of Information Security and Data Protection
- Correct Information Security Management
All qualified applicants will receive consideration for employment at PwC without regard to ethnicity; creed; color; religion; national origin; age; disability; neurodiversity; sexual orientation; gender identity or expression; marital; or any other status protected by law. PwC is proud to be an inclusive organization and equal opportunity employer.
Travel Requirements
Not Specified
