IN-Senior Associate _SOC_Strategy and Governance_Advisory _Gurgaon

Line of ServiceAdvisory

Industry/SectorFS X-Sector

SpecialismRisk

Management LevelSenior Associate

Job Description & SummaryAt PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

\*Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for

our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for

each other. Learn more about us

.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Job Description & Summary: Security Architecture is part of Jio's Information Security Team. Primary responsibility of this team is to design & architect secure solutions and to identity threats in early design/architect phases of product development cycle. Drive secure by design initiatives in the organization & mentor delivery teams with right security direction & controls to protect customer data.

Responsibilities

• Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility.
• Identifying and maintaining Key metrics and SLA on Infrastructure Security.
• Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems.
• Thorough experience in configurations reviews against CIS benchmarks and security standards.
• Ensure all Hardening and Patching activities are conducted and tracked as per defined policies.
• Create/Update hardening documents and build audit file for automated testing.
• Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities.
• Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people.
• Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations.
• Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings.
• Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE).
• Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans.
• Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc.
• The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng
• Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises.

Mandatory skill sets:

• Identifying and maintaining Key metrics and SLA on Infrastructure Security.

Preferred skill sets:

• Identifying and maintaining Key metrics and SLA on Infrastructure Security.

Years of experience required:

4-6 years of experience

Education qualification:

• Bachelor’s/Master’s in CS, IT, or related field (B.E./B.Tech/MCA)

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Master of Engineering, Bachelor of Engineering

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

SoCs

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture {+ 8 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date