Line of Service
Advisory
Industry/Sector
Not Applicable
Specialism
Cybersecurity & Privacy
Management Level
Senior Associate
Job Description & Summary
A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.
Our Cyber Defense team focuses on helping our clients design and implement an effective cybersecurity program and technologies that protect against threats, support business objectives, and enables growth. As businesses move to a digital world, more data is generated and shared among organisations, partners and customers; to have business value, that data needs to be protected. You’ll play an integral role in helping our clients ensure they are protected by developing solutions focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.
In joining, you’ll be a part of a team that values technical and business acumen and provides training and development to extend and develop your skills, while fostering a strong collaborative culture. You’ll have the opportunity to help organisations design and create sustainable security solutions at enterprise scale, through a focused approach on enterprise requirements and prioritisation, information technology security architecture, and the software development lifecycle.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Senior Associate, you’ll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
- Use feedback and reflection to develop self awareness, personal strengths and address development areas.
- Delegate to others to provide stretch opportunities and coach to help deliver results.
- Develop new ideas and propose innovative solutions to problems.
- Use a broad range of tools and techniques to extract insights from from current trends in business area.
- Review your work and that of others for quality, accuracy and relevance.
- Share relevant thought leadership.
- Use straightforward communication, in a structured way, when influencing others.
- Able to read situations and modify behavior to build quality, diverse relationships.
- Uphold the firm’s code of ethics and business conduct.
Roles and responsibilities –
-
Utilizing foundational computer science skills such as Java, Python, OOP concepts, Computer Networking, SDLC, operating systems fundamentals (Windows, Unix, Linux);
-
Applying network security architecture concepts including topology, protocols, components, and principles (e.g.
, application of defense-in-depth); -
Conducting quantitative and qualitative analyses of large and complex data;
-
Leveraging creative thinking and problem solving skills, individual initiative, and utilizing Google Docs and MS Office (Word, Excel, Access, PowerPoint), where necessary;
-
Identifying and addressing client needs: building relationships with clients; developing an awareness of Firm services; communicating with the client in an organized and knowledgeable manner; delivering clear requests for information; demonstrating flexibility in prioritizing and completing tasks; and communicating potential conflicts to a supervisor;
-
Understanding personal and team roles; contributing to a positive working environment by building solid relationships with team members; proactively seeking guidance, clarification and feedback; and,
-
Communicating in an organized and knowledgeable manner in written and verbal formats including delivering clear requests for information and communicating potential conflicts.
Required Skill Set –
Demonstrates thorough knowledge and/or a proven record of success in:
-
Understanding Networking and applying Network Principles (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture;
-
Understanding and applying network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth);
-
Understanding network security implementations (e.g., host-based IDS, IPS, access control lists), including their function and placement in a network;
-
Understanding laws, regulations, policies, and ethics as they relate to cybersecurity and privacy;
-
Understanding common regulatory requirements and industry frameworks such as ISO 27001, NIST CSF, and PCI DSS.;
-
Performing dynamic and static malware analysis and sandboxing with the ability to reverse engineer and debug malware samples using tools such as IDA Pro, Responder Pro or OllyDbg, including defeating anti debugging, packing and obfuscation techniques;
-
Proposing Enterprise Cloud solutions across IaaS, PaaS & SaaS, such as AWS, Azure, OpenStack, Cloud Foundry, Salesforce, Microsoft Office 365, Box etc.;
-
Proposing Enterprise security and Cloud security specific solutions such as IAM/IdaaS, CASB, Identity Governance, Cloud SOC/SIEM, Key Management & Encryption, Public, Private and Hybrid cloud solutions;
-
Performing database systems and data backup and recovery;
-
Understanding current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities;
-
Understanding the Risk Management Framework Assessment Methodology;
-
Understanding Application Security Risks (e.g. Open Web Application Security Project Top 10 list);
-
Understanding IoT protocols (e.g., MQTT, COAP, DDNS), implementing REST APIs, with an understanding of WS-Security, simulated devices usage experience (e.g., Raspberry Pi and Amazon Dash), and security concepts, including OAUTH and OIDC;
-
Understanding cyber defense and vulnerability assessment tools and their capabilities;
-
Functioning in a collaborative environment, seeking continuous consultation with other analysts and specialists-both internal and external to the organization-to leverage analytical and technical specialization;
-
Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation);
-
Information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption);
-
Operate common network tools (e.g., ping, traceroute, nslookup);
Education Qualification –
-
Bachelor’s degree in Cybersecurity, Computer and Information Science, Computer Engineering, Information Technology, Management Information Systems preferred
Certifications Preferred –
-
Certified Information Systems Security Professional (CISSP)
-
Certified Information Security Manager (CISM)
-
Certified Information Systems Auditor (CISA)
-
Cisco Certified Network Associate (CCNA)
-
Certified Cloud Security Professional (CCSP)
-
Offensive Security Certified Professional (OSCP)
-
Palo Alto Certifications
Advanced level of english (Required)