CD&E-Cyber Security- SIEM Implementation-Microsoft Sentinel/Google SecOps/Palo Alto XSIAM -Senior Associate - Bangalore

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Job Description & Summary

At PwC our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities develop secure systems and provide proactive solutions to safeguard sensitive data.

In threat intelligence and vulnerability management at PwC you will focus on identifying and analysing potential threats to an organisations security as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure.

Focused on relationships you are building meaningful client connections and learning how to manage and inspire others. Navigating increasingly complex situations you are growing your personal brand deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients and to deliver quality. Embracing increased ambiguity you are comfortable when the path forward isnt clear you ask questions and you use these moments as opportunities to grow.

Examples of the skills knowledge and experiences you need to lead and deliver value at this level include but are not limited to:

• Respond effectively to the diverse perspectives needs and feelings of others.
• Use a broad range of tools methodologies and techniques to generate new ideas and solve problems.
• Use critical thinking to break down complex concepts.
• Understand the broader objectives of your project or role and how your work fits into the overall strategy.
• Develop a deeper understanding of the business context and how it is changing.
• Use reflection to develop self awareness enhance strengths and address development areas.
• Interpret data to inform insights and recommendations.
• Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance) the Firms code of conduct and independence requirements.

Years of Experience: 4 to 8 years

SIEM Implementation Engineer

Roles & Responsibilities:

• Lead technical deliverables for SIEM implementation and operations including Microsoft Sentinel Google SecOps Palo Alto XSIAM and Devo.
• Minimum 4-8 years of experience in SIEM implementation and security operations.
• Perform Proof of Concept (PoC) and Proof of Value (PoV) engagements to evaluate SIEM capabilities and demonstrate value to stakeholders.
• Conduct SIEM assessments to identify gaps recommend improvements and align with security best practices.
• Develop and maintain data pipelines for log ingestion normalization and enrichment across cloud and on-prem environments.
• Integrate log sources using connectors custom scripts and parsers to ensure complete visibility and compatibility with SIEM platforms.
• Build use cases aligned with NIST and MITRE ATT&CK frameworks to enable detection at various stages of a cyber-attack.
• Implement detection rules using SPL/KQL with complex correlation across different data sources.
• Develop dashboards alerts and workbooks for security monitoring and reporting.
• Implement SOAR workflows using Logic Apps Phantom Demisto and XSOAR platforms.
• Perform health checks tuning and optimization of SIEM platforms to ensure high performance and accuracy.
• Create and maintain documentation including SOPs runbooks architecture diagrams and onboarding guides.
• Collaborate with cross-functional teams including SOC threat hunters infrastructure and cloud teams to support delivery and ensure quality standards.

Experience & Skills

The potential candidate will have experience or can demonstrate some understanding of the following skills:

• Hands-on experience with Microsoft Sentinel Google SecOps Palo Alto XSIAM Devo and Splunk.
• Strong understanding of SIEM architecture implementation integration log management and threat detection methodologies.
• Experience in developing and tuning security use cases and alerts.
• Proficiency in scripting languages such as Python PowerShell and Bash for automation and data processing.
• Experience with cloud platforms including Azure GCP and AWS.
• Knowledge of data pipeline tools including Cribl for log routing enrichment and deduplication.
• Familiarity with REST APIs JSON and integration of third-party security tools.
• Experience with SOAR platforms and playbook development for incident response automation.
• Understanding of security concepts such as cyber-attacks threat vectors risk management and incident management.
• Strong analytical and problem-solving skills with attention to detail.

Excellent communication documentation and client engagement skills

Professional and Educational Background

• Preferred certifications: Microsoft Certified: Security Operations Analyst
• Bachelors Degree Preferred
• Associate SC-200 AZ-500 Google Professional Cloud Security Engineer CISSP CISM GIAC.
• Demonstrated ability to work collaboratively across teams and manage multiple client engagements.
• Commitment to continuous learning and adapting to evolving cybersecurity technologies.

Willing to work in US day shift (9AM EST - 5PM EST) / India night Shift (7 PM IST to 3 AM IST) and weekend support / on call support

Travel Requirements

Not Specified

Job Posting End Date