IN_Associate_SOC _Managed Services_Advisory_Ahmedabada

Job Location

Ahmedabad - India

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

Line of Service

Advisory

Industry/Sector

FS X-Sector

Specialism

Risk

Management Level

Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems and provide proactive solutions to safeguard sensitive data.

Those in penetration testing at PwC will focus on penetration testing (or pen testing), which is a security exercise where a cybersecurity consultant attempts to find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to identify any weak spots in a system's defences which attackers could take advantage of.

Why PwC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together we grow, learn, care, collaborate and create a future of infinite experiences for each other. Learn more about us.

Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process and mentoring junior team members to build a cohesive and motivated unit.

Responsibilities:

- Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response and remediation activities.
- Monitor and guide the team in triaging cybersecurity events, prioritizing and recommending/performing response measures.
- Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents.
- Follow up on cybersecurity incident tickets until closure.
- Guide L1 and L2 analysts in analyzing events and response activities.
- Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members.
- Review and provide suggestions for information security policies and best practices in client environments.
- Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders.
- Review and share daily, weekly and monthly dashboard reports with relevant stakeholders.
- Update and review documents, playbooks and standard operating procedures.
- Validate and update client systems and IT infrastructure documentation.
- Share knowledge on current security threats, attack patterns and tools with team members.
- Create and review new use cases based on evolving attack trends.
- Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS and HIPS log events.
- Develop and maintain threat detection rules, parsers and use cases.
- Understand security analytics and flows across SaaS applications and cloud computing tools.
- Validate use cases through selective testing and logic examination.
- Maintain continuous improvement processes and build/groom teams over time.
- Develop thought leadership within the SOC.

Mandatory skill sets:

- Bachelor's degree (minimum requirement).
- 2-8 years of experience in SOC operations.
- Experience analyzing malicious traffic and building detections.
- Experience in application security, network security and systems security.
- Knowledge of security testing tools (e.g. BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect).
- Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript).
- Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS).
- Experience with traditional security operations, event monitoring and SIEM tools.
- Knowledge of MITRE or similar frameworks and of procedures used by adversaries.
- Ability to develop and maintain threat detection rules and use cases.

Preferred skill sets:

- Strong communication skills, both written and oral.
- Experience with SMB and large enterprise clients.
- Good understanding of ITIL processes (Change Management, Incident Management, Problem Management).
- Strong expertise in multiple SIEM tools and other SOC environment devices.
- Knowledge of firewalls, IDS/IPS, AVI, EDR, proxy, DNS, email, AD, etc.
- Understanding of raw log formats of various security devices.
- Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet, network topologies).
- Relevant certifications (CEH, CISA, CISM, etc.).
- Strong work ethic and time management skills.
- Coachability and dedication to consistent improvement.
- Ability to mentor and encourage junior teammates.
- Knowledge of regex and parser creation.
- Ability to deploy SIEM solutions in customer environments.

Years of experience required:

2-12 years

Education qualification:

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of Technology

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Active Listening, Bash (Programming Language), Common Vulnerability Scoring System (CVSS), Communication, Cybersecurity, Emotional Regulation, Empathy, Encryption, Ethical Hacking, Firewall (Network Security), Inclusion, Information Security, Information Security Management System (ISMS), Information Security Risk Assessments, Intellectual Curiosity, Intrusion Detection System (IDS), IT Infrastructure, Kali Linux, Microsoft Active Directory, MITRE ATT&CK Framework, Network Security Assessment, Network Security, Penetration Testing, Offensive Security, and 20 more.

Desired Languages (if blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship

No

Government Clearance Required

No

Job Posting End Date


Required Experience:

IC

Employment Type

Full-Time
