PwC is looking for an experienced technical candidate to lead, and support, our Cyber Managed Service clients and Security Operations Center Team, an essential part of our world-class managed services portfolio. In this role, you will be part of a team leading client-centric program development, analytics, innovation, response, and delivery. A career in PwC’s rapidly growing Cyber Managed Services practice will provide you the opportunity to help define how we solve our clients’ most critical cyber-related challenges and allow them to thrive and focus on their core business.
As a Cyber Ops Sr. Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this level include but are not limited to:
- Invite and provide in-the-moment feedback in a constructive manner.
- Share and collaborate effectively with others, creating a positive team spirit.
- Identify and make suggestions for improvements when problems and/or opportunities arise.
- Validate data and analysis for accuracy and relevance.
- Follow risk management and compliance procedures.
- Keep up-to-date with developments in my area of specialty.
- Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
- Seek opportunities to learn about the wider economy alongside the business models, corporate governance and/or regulatory environment of our clients.
- Uphold the firm's code of ethics and business conduct.
Basic Qualifications:
Minimum Degree Required: Bachelor’s Degree
Minimum Years of Experience: Five (5) or more
Certification(s) Preferred: GSEC, GCDA, SEC+, Network+, Certified Incident Handler (GCIH), Certified Intrusion Analyst (GIAC), CCNA-Security, CEH, CISSP, CTIA
Preferred Knowledge / Skills:
Demonstrates knowledge, leadership, and/or a proven record of success in the following areas:
- Networking and applying Network Principles (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture
- Applying Incident Response Frameworks and Handling Procedures
- Threat Hunting / Threat Intelligence (Hypothesis and IOC)
- SIEM / SOAR Engineering and Administration
- Malware Analysis (Static and Dynamic)
- Fluency with the cyber attack lifecycle and/or the tactics, techniques, and procedures of threat actors
- Information security, compliance, assurance, and/or other security best practices and principles
- Possessing and fostering an inquisitive mindset amongst team members
Demonstrates abilities, leadership, and/or a proven record of success in the following areas:
- Working in a global team environment in an assigned shift, ensuring holiday coverage aligns with client schedules
- Leading daily huddles, shift handovers, preparing reports or providing inputs for reports as assigned
- Acting as a shift leader, monitoring and responding to alert queues, distributing alerts to analysts, monitoring SLA adherence, and working in an evolving environment with multiple priorities.
- Acting as the escalation point for Level 1 analysts based on the defined processes; leading investigations into SIEM, EDR, Email Security, DLP and Phishing security issues and determining if a security concern is present, escalating to client security teams or Cyber Ops leadership as appropriate
- Monitoring and analyzing alerts from a wide array of security devices and systems, such as SIEMs, firewalls, IDS/IPS systems, network and perimeter devices, Endpoint Detection and Response (EDR) platforms, etc.
- Applying the security incident response process: identification, containment and remediation on a 24x7 basis, as well as maintaining a willingness to provide suggestions for process improvement.
- Applying scripting language skills in Python or PowerShell to investigations or triage workflow
- Preparing materials (reports, presentations, spreadsheets, etc.) to help enable informed decision making
- Acquiring and utilizing knowledge on new technologies and solutions, exploits, attack vectors, emerging threats, and vulnerabilities
- Running and analyzing vulnerability scans per client schedules
- Analyzing and working with SIEMs, proxy tools, network security devices, IAM, DLP, Windows, *NIX, and application logs, and cloud security monitoring tools and services
- Researching and communicating information regarding the security threat landscape to team members, leadership, and clients
- Contributing to an environment of information sharing as well as acting as a coach for lower-level, more junior analysts.