CD&E-Cyber Security- SIEM -Splunk/SOAR /Sentinel/ArcSight -Associate 2- Bangalore
Bangalore (SDC) - Bagmane Tech Park
PwC
We are a community of solvers combining human ingenuity, experience and technology innovation to help organisations build trust and deliver sustained outcomes.Line of Service
AdvisoryIndustry/Sector
Not ApplicableSpecialism
Cybersecurity & PrivacyManagement Level
AssociateJob Description & Summary
A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.The Threat Detection team works with clients to detect cyber threats, identify malicious activity that could compromise the network and help with mitigation efforts before the threat can present vulnerabilities.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
- Use feedback and reflection to develop self awareness, personal strengths and address development areas.
- Delegate to others to provide stretch opportunities, coaching them to deliver results.
- Demonstrate critical thinking and the ability to bring order to unstructured problems.
- Use a broad range of tools and techniques to extract insights from current industry or sector trends.
- Review your work and that of others for quality, accuracy and relevance.
- Know how and when to use tools available for a given situation and can explain the reasons for this choice.
- Seek and embrace opportunities which give exposure to different situations, environments and perspectives.
- Use straightforward communication, in a structured way, when influencing and connecting with others.
- Able to read situations and modify behavior to build quality relationships.
Year of Experience
2-4 Years
Position Requirements
Minimum of 2-4 years of prior experience in SIEM Technologies, Information Security Expertise in SIEM
solutions like Splunk, ArcSight and Azure Sentinel Tools.
Expertise in building use cases around NIST and MITRE ATT&CK framework to enable detection at
various stages of a cyber attack.
• Implementation of use cases using SPL/KQL with complex correlation across different data sources.
• Development of dashboards/workbooks, alerts.
• Implementation of SOAR workflows using Logic Apps, Phantom, Demisto etc
Preferred Knowledge
• Basic knowledge of User Entity Behavior, Machine Learning models.
• Scripting knowledge of python is an added advantage.
• Assist in administration, maintenance, and optimization of the Splunk Enterprise and Splunk ES.
• Integrating log sources with Sentinel using REST API.
• Working knowledge of all architectural components of SIEM
• Knowledge about cloud environment and hybrid environments
Implementation of clustered environment and related concepts such as High availability, parallel
processing etc.
Working knowledge in Azure services like Security center, azure monitor, log analytics, NSG, Storage,
Azure Functions,defender ATP, etc.
• Experience of threat intelligence and threat hunting is added advantage.
Preferred Skill
SIEM Technologies, Information Security Expertise in SIEM solutions like Splunk, ArcSight and Azure
Sentinel Tools.
• KQL/SPL
- Uphold the firm's code of ethics and business conduct.
Professional and Educational Background
• Bachelor's Degree Preferred.
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing {+ 11 more}Desired Languages (If blank, desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship?
NoGovernment Clearance Required?
NoJob Posting End Date
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics APIs ArcSight Azure Clearance Clearance Required Cloud Cyber defense Data Analytics Encryption Forensics IDS Intrusion detection Machine Learning Malware MITRE ATT&CK NIST Privacy Python REST API Reverse engineering Scripting Sentinel SIEM SOAR Splunk Strategy Threat detection Threat intelligence Vulnerabilities
Perks/benefits: Career development Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.