Managed Services IAM Operations(L2) Senior Associate-Cyber Managed services Operate

Industry/Sector

Specialism

Management Level

Job Description & Summary

To really stand out and make us fit for the future in a constantly changing world each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines geographies and career paths and provides transparency on the skills we need as individuals to be successful and progress in our careers now and in the future.

As a Senior Associate youll work as part of a team of problem solvers helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Use feedback and reflection to develop self awareness personal strengths and address development areas.
• Delegate to others to provide stretch opportunities coaching them to deliver results.
• Demonstrate critical thinking and the ability to bring order to unstructured problems.
• Use a broad range of tools and techniques to extract insights from current industry or sector trends.
• Review your work and that of others for quality accuracy and relevance.
• Know how and when to use tools available for a given situation and can explain the reasons for this choice.
• Seek and embrace opportunities which give exposure to different situations environments and perspectives.
• Use straightforward communication in a structured way when influencing and connecting with others.
• Able to read situations and modify behavior to build quality relationships.
• Uphold the firms code of ethics and business conduct.

JD- L2 Squad- Senior Associate

Squad (TDR IAM VM SecOps) Senior Associate Operations Sr. Associate L2

The Cybersecurity L2 Analyst acts as an advanced technical contributor responsible for incident investigation platform operations vulnerability analysis IAM operations and cross-tower support across TDR IAM VM and SecOps. This role performs deeper analysis than L1 handles escalations optimizes detection logic drives improvements and ensures operational excellence. The L2 Analyst collaborates with L3 engineering teams platform teams and client stakeholders to ensure a stable resilient and effective cybersecurity environment.

Share and collaborate effectively with others creating a positive team spirit.

Identify and make suggestions for improvements when problems and/or opportunities arise.

Validate data and analysis for accuracy and relevance.

Follow risk management and compliance procedures.

Keep up to date with developments in your area of specialty.

Communicate confidently in a clear concise and articulate manner - verbally and in written form.

Seek opportunities to learn about the wider economy alongside the business models/corporate governance and/or regulatory environment of our clients.

Uphold the firms code of ethics and business conduct.

Required Skills & Qualifications

36 years of relevant experience in SOC VM IAM or SecOps operations.

Strong hands-on experience with SIEM EDR VM tools IAM platforms Network Security tools like Web Email gateway DLP and ITSM systems.

Proficient in creating detection logic correlation rules and performing threat analysis.

Solid understanding of networking OS security identity governance and vulnerability assessment methodologies.

Strong communication documentation and analytical skills.

Bachelors degree in Cybersecurity Computer Science Engineering or related field.

Preferred Skills

Experience with scripting (Python PowerShell Bash).

Knowledge of cloud platforms (Azure/AWS/GCP).

Understanding of MITRE ATT&CK vulnerability scoring threat intelligence.

Security certifications such as Security CEH AZ-900 ITIL & other relevant skill

Key Responsibilities:

1. Security Monitoring & Incident Response

Monitor SIEM EDR and threat intel dashboards for advanced threat patterns.

Conduct deep-dive investigations into suspicious activity and escalate to L3 as needed.

Execute containment eradication and remediation actions on confirmed incidents (where preapproved).

Perform advanced alert tuning write detection logic correlation rules and enrichment logic.

Document investigation steps timelines actions taken conclusions and lessons learned.

2. Vulnerability Management & Risk Analysis

Perform daily health checks on scanners credential states asset discovery and SLA breach monitoring.

Run and analyze network container cloud agent-based and web-app scans.

Maintain credential hygiene tag governance and asset deduplication.

Validate false positives categorize exceptions and assign remediation tasks.

Configure RBVM systems with threat-feed weighting MITRE ATT&CK mapping and crown-jewel tagging.

Manage and document exception workflow review compensating controls evidence validation and SLA adjustments.

3. IAM Operations (L2 Level)

Perform manual provisioning into enterprise applications (AD SAP JDE Oracle).

Manage certificate lifecycle activities ensuring renewals before expiry.

Execute SOP-driven IAM workflows for PAM IGA and Access Management.

Validate IAM tickets for completeness risk and compliance before escalating.

Provide evidence for audits related to provisioning/deprovisioning.

4. Operational Reporting & SLA Governance

Produce weekly and monthly operational metrics SLA reports and deviation analysis.

Identify outliers noise patterns abnormalities and propose tuning or process enhancements.

5. Application & System Maintenance (TDR IAM VM SecOps)

Perform routine platform health checks backup verification scheduled job validation and ensure system stability.

Validate multi-source log ingestion troubleshoot ingestion failures and coordinate with platform teams for fixes.

Handle break-fix scenarios analyze root causes and implement corrective actions.

Manage user administration for security tools (access roles entitlements).

6. Ticketing Queue Management & Workflow Assurance

Oversee remediation ticket queues ensuring ageing tickets are escalated or followed up appropriately & the mailbox for the inbound mails.

Validate support requests (false positives exceptions reassignments) before escalating to L3.

7. Documentation Knowledge Management & Training

Maintain detailed documentation of daily operations incident logs troubleshooting steps configuration changes and platform updates.

Create and update SOPs runbooks playbooks training documents and knowledge articles.

Provide training and knowledge transfer to L1 analysts and new joiners.

8. Continuous Improvement & Automation

Identify opportunities for automation using SOAR scripting AI or workflow tools.

Participate in Policy tuning and optimization of tools across SOC IAM VM and SecOps.

9. Compliance & Governance Support

Assist in maintaining compliance with standards such as ISO 27001 SOC2 NIST GDPR.

Support audit readiness through artifact preparation and evidence maintenance.

10. Cross-Team Collaboration

Work with cybersecurity architects platform engineers and client SMEs to address systemic issues.

Participate in war rooms incident post-mortems and Root cause analysis discussions.

11. Customer Communication

Provide timely updates to clients on investigations remediation progress and ticket status.

Participate in operational review meetings to present operational insights.

Travel Requirements

Job Posting End Date