Managed Services - Cybersecurity Vulnerabilities Management - Senior Associate
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Line of Service
Internal Firm ServicesIndustry/Sector
Not ApplicableSpecialism
IFS Internal Firm Services OtherManagement Level
Senior AssociateJob Description & Summary
At PwC our people in managed services focus on a variety of outsourced solutions and support clients across numerous functions. These individuals help organisations streamline their operations reduce costs and improve efficiency by managing key processes and functions on their behalf. They are skilled in project management technology and process optimization to deliver highquality services to clients.As a managed service delivery generalist at PwC you will execute outsourced processes such as client and customer interaction; data review enrichment and processing; implementing and monitoring quality controls; and resolving escalations and queries.
- Job Details
Job Summary:
What does this role aim to achieve in the firm/what impact does the role create
This role is critical in ensuring our clients IT environments are secure by identifying analyzing and managing vulnerabilities across their systems and networks. The ideal candidate will have handson experience with industryleading vulnerability management tools a strong understanding of security frameworks and expertise in applying methodologies to drive effective vulnerability remediation.
Roles and Responsibilities:
Daily tasks and delivery expectation
Vulnerability Assessments: Conduct regular vulnerability scans and assessments using tools such as Tenable Qualys and MS Defender Vulnerability Management ensuring comprehensive coverage of client environments.
Analysis and Prioritization: Analyze scan results prioritize vulnerabilities based on risk level and collaborate with clients to establish remediation timelines.
Remediation Support: Work closely with client IT teams to guide and support vulnerability remediation efforts leveraging methodologies such as the MITRE ATT&CK framework to contextualize threats and risk.
Reporting and Documentation: Prepare detailed vulnerability reports including metrics trends and recommendations tailored to client requirements and aligned with regional compliance standards.
Process Improvement: Continuously enhance vulnerability management processes and methodologies to improve efficiency accuracy and effectiveness.
Client Collaboration: Act as a trusted advisor to clients ensuring alignment with their security objectives and maintaining strong communication throughout vulnerability management engagements.
Leverage automation tools and integrations to reduce manual efforts and enhance the effectiveness of GRC processes.
Awareness Program Support (Secondary Focus):
Provide supplementary support for managed cybersecurity awareness programs using tools like KnowBe4 CoFense and ProofPoint when required.
Assist in integrating awareness components into broader GRC frameworks to enhance organizational security culture.
Expected Skills:
Specific learned abilities or technical skills
Handson experience with vulnerability management tools particularly Tenable Qualys and MS Defender VM.
Knowledge of vulnerability assessment methodologies patch management processes and threat modeling.
Understanding of industry frameworks such as CVSS (Common Vulnerability Scoring System) and security standards like ISO 27001 and NIST.
Familiarity with industry frameworks and standards including:
CVSS (Common Vulnerability Scoring System)
ISO 27001 and NIST Cybersecurity Framework (CSF)
CIS Controls for secure configurations and benchmarks
MITRE ATT&CK for threat context and analysis
OWASP standards for web application vulnerabilities
Basic scripting knowledge and skills (PowerShell Python etc..
Strong analytical skills to interpret scan results and provide actionable insights.
Excellent communication and reporting skills with the ability to explain technical findings to nontechnical stakeholders.
Collaborative mindset to work effectively with client teams and internal stakeholders.
Proactive and detailoriented with a commitment to delivering highquality work..
Expected Competencies:
Values behaviors & attitude
Leadership
Strategic mindset
Stakeholder management
Ability to influence
Communicate with impact
Project management
Results driven
Drive organizational excellence
Required Language Skills: Proficient in written and spoken English. Arabic is a plus
Minimum Education and Specific Qualification:
Bachelors degree in Cybersecurity Information Technology or a related field.
Relevant certifications such as CompTIA Security CEH or equivalent.
34 years of experience in vulnerability management or a related cybersecurity role.
Years ofExperience: 34 years
Education (if blank degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank certifications not specified)
Required Skills
Optional Skills
Accepting Feedback Accepting Feedback Active Listening Analytical Thinking Business Process Outsourcing Claims Performance Management Communication Complaint Management Compliance Auditing Compliance Review Contract Review Corrective Actions Creativity Customer Data Management (CDM) Customer Due Diligence Customer Handling Data Entry Data Quality Data Quality Assessment Delivery Excellence Embracing Change Emotional Regulation Empathy Inclusion Intellectual Curiosity 20 moreDesired Languages (If blank desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship
NoGovernment Clearance Required
NoJob Posting End Date
Required Experience:
Senior IC
Employment Type
Full-Time
