CD&E-Cyber Security-SIEM Cortex XSIAM-Senior Associate

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Job Description & Summary

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.

The Threat Detection team works with clients to detect cyber threats, identify malicious activity that could compromise the network and help with mitigation efforts before the threat can present vulnerabilities.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Use feedback and reflection to develop self awareness, personal strengths and address development areas.
• Delegate to others to provide stretch opportunities, coaching them to deliver results.
• Demonstrate critical thinking and the ability to bring order to unstructured problems.
• Use a broad range of tools and techniques to extract insights from current industry or sector trends.
• Review your work and that of others for quality, accuracy and relevance.
• Know how and when to use tools available for a given situation and can explain the reasons for this choice.
• Seek and embrace opportunities which give exposure to different situations, environments and perspectives.
• Use straightforward communication, in a structured way, when influencing and connecting with others.
• Able to read situations and modify behavior to build quality relationships.
• Uphold the firm's code of ethics and business conduct.

-Minimum of 4-9 years of prior experience in SIEM Technologies, Information Security
Expertise in SIEM solutions and Cortex XSIAM.

- Expertise in building use cases around NIST and MITRE ATT&CK framework to enable 

  detection at various stages of a cyber attack

- Implementation of use cases using SPL/KQL with complex correlation across different data sources

- Development of dashboards/workbooks, alerts

- Implementation of SOAR workflows using Logic Apps, Phantom, Demisto etc.

- Basic knowledge of User Entity Behaviour, Machine Learning models

- Scripting knowledge of python is an added advantage.

- Assist in administration, maintenance and optimization of the Cortex XSIAM.

- Integrating log sources using REST API.

- Working knowledge of all architectural components of SIEM

- Knowledge about cloud environment and hybrid environments

- Implementation of clustered environment and related concepts such as High availability, parallel processing etc.

Others:

- Experience with monitoring use case implementation methodologies

- Prior SIEM experience with advanced analysis and / or response to security incidents

- Experience in building domain specific POCs.

- Experience of threat intelligence and threat hunting is added advantage  

Professional and Educational Background

• Bachelor's Degree Preferred.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Cloud Security, Communication, Conducting Research, Creativity, Cyber Defense, Cyber Threat Intelligence, Embracing Change, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Learning Agility, Malware Analysis, Malware Detection Tools {+ 16 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date