IN Senior Associate- Threat Response -MS Engineering- Advisory-Bangalore

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Microsoft

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

*Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Job Description & Summary: • We are looking for someone who is having hands on experience in handling cyber security incident end to end, specifically KC4-KC7 incidents (Endpoint related and cloud security), identifying the root cause of the alert by analyzing logs from EDR/SIEM tool and drive remediation. Conduct log analysis, and reviews using different security tools. Candidate should have in-depth knowledge of Cyber Kill Chain and the different TTP of MITRE ATT&CK framework. Exposure to different malware attack chains

Responsibilities:

Roles & Responsibilities: We are looking for someone who is having hands on experience in handling cyber security incident end to end, specifically KC4-KC7 incidents (Endpoint related and cloud security), identifying the root cause of the alert by analyzing logs from EDR/SIEM tool and drive remediation. Conduct log analysis, and reviews using different security tools. Candidate should have in-depth knowledge of Cyber Kill Chain and the different TTP of MITRE ATT&CK framework. Exposure to different malware attack chains

Mandatory skill sets:

Proficient in Cyber Incident Management and Response 2. Experience in SIEM tool ( Preferably Splunk ) 3. Experienced in working with Microsoft Defender for Endpoint (MDE) or any other EDR solution. 4. Efficient in analyzing various types of email threats. Working experience in Proofpoint TAP, TRAP will be advantageous. 5. Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, Cyber kill chain, MITTRE Attack framework etc. 6. Knowledge of threat management, Threat Hunting. Experienced with use case/detection rule creation or modification can be an added advantage 7. Knowledge of cloud security and cloud incident response. (Azure, GCP, AWS) 8. Good Analytical skills, Problem solving and Interpersonal skills 9. Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix, MAC OS. 10. Proficient in preparation of reports, dashboards and documentation

11. Excellent communication and team player skills 12. Ability to handle high pressure situations with key stakeholder

Preferred skill sets:

· Desirable Skills: 1. CEH, CHFI, ECIH, Comptia Security+, AZ-500,SC-200, SC-100

Years of experience required:

2-5 Years

Education qualification:

· BTech/BE/MTech from reputed institution/university as per the hiring norms

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of Technology, Bachelor of Engineering

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Cyber Incident Response, Incident Management

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture {+ 8 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date