Managed Services - Cyber - Security Analysts Senior Associate- Operate

Senior Associate Cyber Managed Service Job Description

PwC is looking for an experienced technical candidate to lead and support our Cyber Managed Service clients and Security Operations Center Team an essential part of our worldclass managed services portfolio. In this role you will be part of a team leading clientcentric program development analytics innovation response and delivery. A career in PwCs rapidly growing Cyber Managed Services practice will provide you the opportunity to help define how we solve our clients most critical cyberrelated challenges and allow them to thrive and focus on their core business.

As a Cyber Ops Sr. Associate youll work as part of a team of problem solvers helping to solve complex business issues from strategy to . PwC Professional skills and responsibilities for this level include but are not limited to:

• Invite and provide inthemoment feedback in a constructive manner.

• Share and collaborate effectively with others creating a positive team spirit.

• Identify and make suggestions for improvements when problems and/or opportunities arise.

• Validate data and analysis for accuracy and relevance.

• Follow risk management and compliance procedures.

• Keep uptodate with developments in my area of specialty.

• Communicate confidently in a clear concise and articulate manner verbally and in written form.

• Seek opportunities to learn about the wider economy alongside the business models/corporate governance and/or regulatory environment of our clients.

• Uphold the firms code of ethics and business conduct.

Basic Qualifications:

• Minimum Degree Required: Bachelors Degree

• Minimum Years of Experience: Five 5 or more

• Certification(s) Preferred: GSEC GCDA SEC Network Certified Incident Handler (GCIH) Certified Intrusion Analyst (GIAC) CCNASecurity CEH CISSP CTIA

Preferred Knowledge/Skills: Demonstrates knowledge leadership and/or a proven record of success in the following areas:

• Networking and applying Network Principles (including the OSI Model TCP/IP DNS HTTP SMTP) System Administration and Security Architecture

• Applying Incident Response Frameworks and Handling Procedures

• Threat Hunting/Threat Intelligence (Hypothesis and IOC)

• SIEM/SOAR Engineering and Administration

• Malware Analysis (Static and Dynamic)

• Fluency with the cyber attack lifecycle and/or the tactics techniques and procedures of threat actors

• Information security compliance assurance and/or other security best practices and principles

• Possessing and fostering an inquisitive mindset amongst team members

Demonstrates abilities leadership and/or a proven record of success in the following areas:

• Working in a global team environment in an assigned shift ensuring holidays coverage aligns with client schedules

• Leading daily huddles shift handovers preparing reports or providing inputs for reports as assigned

• Acting as a shift leader monitoring and responding to alert queues distributing alerts to analysts monitoring SLA adherence and working in an evolving environment with multiple priorities.

• Acting as the escalation point for Level 1 analysts based on the defined processes; leading investigations into SIEM EDR Email Security DLP and Phishing security issues and determining if a security concern is present escalating to client security teams or Cyber Ops leadership as appropriate

• Monitoring and analyzing alerts from a wide array of security devices and systems such as SIEMs Firewalls IDS/IPS systems network and perimeter devices Endpoint Detection and Response (EDR) platforms etc.

• Applying the security incident response process: identification containment and remediation on a 24x7 basis as well as maintaining a willingness to provide suggestions for process improvement.

• Applying scripting language skills in Python or PowerShell to investigations or triage workflow

• Preparing materials (reports presentations spreadsheets etc. to help enable informed decision making

• Acquiring and utilizing knowledge on new technologies and solutions exploits attack vectors emerging threats and vulnerabilities

• Running and analyzing vulnerability scan per client schedules

• Analyzing and working with SIEMs proxy tools network security devices IAM DLP Windows *NIX and application logs and cloud security monitoring tools and services

• Researching and communicating information regarding the security threat landscape to team members leadership and clients

• Contributing to an environment of information sharing as well as acting as a coach for lowerlevel more junior analysts.

Tools Knowledge:

• SentinelOne Splunk MS Sentinel MS Defender EDR CrowdStrike Cortex XDR Palo Alto XSOAR Phantom O365 Proofpoint DLP

SentinelOne:

• Play a critical role in proactively detecting analyzing and responding to cybersecurity threats using SentinelOne SIEM platforms.

• Lead the investigation of complex security incidents perform indepth threat analysis and guide junior analysts (L1 during triage and escalation processes.

• Experience in building and optimizing dashboards creating and managing watchlists writing and finetuning queries and developing detection rules aligned with current threat intelligence and MITRE ATT&CK use cases.