IN-Associate_SOC _Managed Services_Advisory _Mumbai

Line of ServiceAdvisory

Industry/SectorFS X-Sector

SpecialismRisk

Management LevelAssociate

Job Description & SummaryAt PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

Why PWCAt PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us

.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Responsibilities

• Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility.
• Identifying and maintaining Key metrics and SLA on Infrastructure Security.
• Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems.
• Thorough experience in configurations reviews against CIS benchmarks and security standards.
• Ensure all Hardening and Patching activities are conducted and tracked as per defined policies.
• Create/Update hardening documents and build audit file for automated testing.
• Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities.
• Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people.
• Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations.
• Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings.
• Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE).
• Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans.
• Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc.
• The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng
• Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises.

Mandatory skill sets:

• Identifying and maintaining Key metrics and SLA on Infrastructure Security.

Preferred skill sets:

• Identifying and maintaining Key metrics and SLA on Infrastructure Security.

Years of experience required:

4-6 years of experience

Education qualification:

• Bachelor’s/Master’s in CS, IT, or related field (B.E./B.Tech/MCA)

Education

Degrees/Field of Study required: Bachelor of Engineering, Master of Engineering

Degrees/Field of Study preferred:

Certifications

Required Skills

Good Clinical Practice (GCP)

Optional Skills

Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring

Desired Languages

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date