Managed Services - Cyber Threat Detection and Responses - Associate - PwC : Job Details

Specialty/Competency: Managed ServicesIndustry/Sector: Not ApplicableTime Type: Full timeTravel Requirements: 0%A career in our Managed Services team will provide you an opportunity to collaborate with a wide array of teams to help our clients implement and operate new capabilities, achieve operational efficiencies, and harness the power of technology.Our Cyber Managed Services team will provide you with the opportunity to help our clients implement effective cybersecurity programs that protect against threats, propel transformation, and drive growth. As companies continue their transformations to digital business models, exponentially more data is generated and shared among organizations, partners and customers. You'll play an integral role in helping our clients protect their businesses by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and mitigate risks while increasing the value they derive from their cybersecurity investments.Our threat detection and response managed services team helps organizations through end to end support for their Security Operation Center from operating model and architectural design and implementation to ongoing operations with automation and operational improvements.To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.As an Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Invite and give in the moment feedback in a constructive manner.
• Share and collaborate effectively with others.
• Identify and make suggestions for improvements when problems and/or opportunities arise.
• Handle, manipulate and analyse data and information responsibly.
• Follow risk management and compliance procedures.
• Keep up-to-date with developments in area of specialism.
• Communicate confidently in a clear, concise and articulate manner - verbally and in the materials I produce.
• Build and maintain an internal and external network.
• Seek opportunities to learn about how PwC works as a global network of firms.
• Uphold the firm's code of ethics and business conduct.

Job Requirements and Preferences:Basic Qualifications:Minimum Degree Required:Bachelor DegreeAdditional Educational Requirements:Bachelor's Degree, in lieu of a degree, demonstrating in addition to the minimum years of experience required for the role, three years of specialized training and/or progressively responsible work experience in technology for each missing year of college is required. Minimum Years of Experience:2 year(s)Preferred Qualifications:Preferred Fields of Study:Information Technology, Information CyberSecurity, Computer and Information Science & AccountingCertification(s) Preferred:GSEC, SEC+, Network+, Certified Incident Handler (GCIH), Certified Intrusion Analyst (GIAC), Microsoft Azure (e.g,. MS-500, AZ-900), AWS, GCPPreferred Knowledge/Skills:Demonstrates some knowledge and/or proven record of success in the following areas:

• Understanding Networking and applying Network Principles (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture;
• Applying Incident Response Frameworks and Handling Procedures;
• Applying vulnerability management and penetration testing of systems, applications, and networks;
• Understanding information security, compliance, assurance, and/or other security industry leading practices and principles;
• Utilizing Windows, Linux operating systems logs; and,
• Working with cloud environments and associated cloud security monitoring tools.

Demonstrates some abilities and/or proven record of success in the following areas:

• Working in a shift environment during the assigned shifts, with holidays aligned with client schedules;
• Leading daily huddles, shift handovers, preparing reports or providing inputs for reports as assigned;
• Acting as a shift leader, monitoring alert workload, distributing alerts to analysts, and monitoring SLA adherence;
• Acting as the escalation point for Level 1 analysts based on the defined processes;
• Performing investigations into SIEM, DLP, Host (end point) security issues and determining if a security concern is present, and escalating to leadership as appropriate;
• Monitoring and analyzing alerts from a wide array of security devices and systems (SIEM's, Firewalls, IDS/IPS, Systems, Networks, Anti-virus, etc.);
• Applying the security incident response process: identification, containment and remediation on a 24x7 basis;
• Applying scripting language skills in Python or PowerShell;
• Preparing materials (reports, presentations, spreadsheets, etc.) to help enable informed decision making;
• Acquiring and utilizing knowledge on new technologies and solutions, emerging threats and vulnerabilities;
• Running and analyzing a vulnerability scan as per the client schedules;
• Working with SIEMs, proxy tools, DLP, Windows, Linux and application logs;
• Analyzing logs from Network security devices, hands on experience with SIEM and/or UEBA technology, network security devices, identity and access management principles, DLP incident evidence gathering utilizing and applying into projects analytic skills for problem analysis and resolution;
• Communicating information regarding the security threat landscape to leadership and clients;
• Identifying security threats, exploits, attack vectors and leading security investigations; and,
• Monitoring the local threat ops channels/SIEM/AV/DLP Policy violation consoles and notifying the client/stakeholders of any suspicious/malicious activity within agreed SLA timelines.

Learn more about how we work: PwC does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.For positions in California, Colorado, Hawaii, Nevada, New York State, or Washington State, or for opportunities that will report to a supervisor, office or other work site in New York State, please visit the following link for pay range information: