IAM Operations(L2) Senior Associate Cyber Managed services Operate

Industry/Sector

Specialism

Management Level

Job Description & Summary

Focused on relationships you are building meaningful client connections and learning how to manage and inspire others. Navigating increasingly complex situations you are growing your personal brand deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients and to deliver quality. Embracing increased ambiguity you are comfortable when the path forward isnt clear you ask questions and you use these moments as opportunities to grow.

Examples of the skills knowledge and experiences you need to lead and deliver value at this level include but are not limited to:

• Respond effectively to the diverse perspectives needs and feelings of others.
• Use a broad range of tools methodologies and techniques to generate new ideas and solve problems.
• Use critical thinking to break down complex concepts.
• Understand the broader objectives of your project or role and how your work fits into the overall strategy.
• Develop a deeper understanding of the business context and how it is changing.
• Use reflection to develop self awareness enhance strengths and address development areas.
• Interpret data to inform insights and recommendations.
• Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance) the Firms code of conduct and independence requirements.

JD- L2 Squad- Senior Associate

Squad (TDR IAM VM SecOps) Senior Associate Operations Sr. Associate L2

The Cybersecurity L2 Analyst acts as an advanced technical contributor responsible for incident investigation platform operations vulnerability analysis IAM operations and cross-tower support across TDR IAM VM and SecOps. This role performs deeper analysis than L1 handles escalations optimizes detection logic drives improvements and ensures operational excellence. The L2 Analyst collaborates with L3 engineering teams platform teams and client stakeholders to ensure a stable resilient and effective cybersecurity environment.

Share and collaborate effectively with others creating a positive team spirit.

Identify and make suggestions for improvements when problems and/or opportunities arise.

Validate data and analysis for accuracy and relevance.

Follow risk management and compliance procedures.

Keep up to date with developments in your area of specialty.

Communicate confidently in a clear concise and articulate manner - verbally and in written form.

Seek opportunities to learn about the wider economy alongside the business models/corporate governance and/or regulatory environment of our clients.

Uphold the firms code of ethics and business conduct.

Required Skills & Qualifications

36 years of relevant experience in SOC VM IAM or SecOps operations.

Strong hands-on experience with SIEM EDR VM tools IAM platforms Network Security tools like Web Email gateway DLP and ITSM systems.

Proficient in creating detection logic correlation rules and performing threat analysis.

Solid understanding of networking OS security identity governance and vulnerability assessment methodologies.

Strong communication documentation and analytical skills.

Bachelors degree in Cybersecurity Computer Science Engineering or related field.

Preferred Skills

Experience with scripting (Python PowerShell Bash).

Knowledge of cloud platforms (Azure/AWS/GCP).

Understanding of MITRE ATT&CK vulnerability scoring threat intelligence.

Security certifications such as Security CEH AZ-900 ITIL & other relevant skill

Key Responsibilities:

1. Security Monitoring & Incident Response

Monitor SIEM EDR and threat intel dashboards for advanced threat patterns.

Conduct deep-dive investigations into suspicious activity and escalate to L3 as needed.

Execute containment eradication and remediation actions on confirmed incidents (where preapproved).

Perform advanced alert tuning write detection logic correlation rules and enrichment logic.

Document investigation steps timelines actions taken conclusions and lessons learned.

2. Vulnerability Management & Risk Analysis

Perform daily health checks on scanners credential states asset discovery and SLA breach monitoring.

Run and analyze network container cloud agent-based and web-app scans.

Maintain credential hygiene tag governance and asset deduplication.

Validate false positives categorize exceptions and assign remediation tasks.

Configure RBVM systems with threat-feed weighting MITRE ATT&CK mapping and crown-jewel tagging.

Manage and document exception workflow review compensating controls evidence validation and SLA adjustments.

3. IAM Operations (L2 Level)

Perform manual provisioning into enterprise applications (AD SAP JDE Oracle).

Manage certificate lifecycle activities ensuring renewals before expiry.

Execute SOP-driven IAM workflows for PAM IGA and Access Management.

Validate IAM tickets for completeness risk and compliance before escalating.

Provide evidence for audits related to provisioning/deprovisioning.

4. Operational Reporting & SLA Governance

Produce weekly and monthly operational metrics SLA reports and deviation analysis.

Identify outliers noise patterns abnormalities and propose tuning or process enhancements.

5. Application & System Maintenance (TDR IAM VM SecOps)

Perform routine platform health checks backup verification scheduled job validation and ensure system stability.

Validate multi-source log ingestion troubleshoot ingestion failures and coordinate with platform teams for fixes.

Handle break-fix scenarios analyze root causes and implement corrective actions.

Manage user administration for security tools (access roles entitlements).

6. Ticketing Queue Management & Workflow Assurance

Oversee remediation ticket queues ensuring ageing tickets are escalated or followed up appropriately & the mailbox for the inbound mails.

Validate support requests (false positives exceptions reassignments) before escalating to L3.

7. Documentation Knowledge Management & Training

Maintain detailed documentation of daily operations incident logs troubleshooting steps configuration changes and platform updates.

Create and update SOPs runbooks playbooks training documents and knowledge articles.

Provide training and knowledge transfer to L1 analysts and new joiners.

8. Continuous Improvement & Automation

Identify opportunities for automation using SOAR scripting AI or workflow tools.

Participate in Policy tuning and optimization of tools across SOC IAM VM and SecOps.

9. Compliance & Governance Support

Assist in maintaining compliance with standards such as ISO 27001 SOC2 NIST GDPR.

Support audit readiness through artifact preparation and evidence maintenance.

10. Cross-Team Collaboration

Work with cybersecurity architects platform engineers and client SMEs to address systemic issues.

Participate in war rooms incident post-mortems and Root cause analysis discussions.

11. Customer Communication

Provide timely updates to clients on investigations remediation progress and ticket status.

Participate in operational review meetings to present operational insights.

Travel Requirements

Job Posting End Date