Job Summary
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisation's security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure.
Job Description
Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities.
Skills
Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:
- Apply a learning mindset and take ownership for your own development.
- Appreciate diverse perspectives, needs, and feelings of others.
- Adopt habits to sustain high performance and develop your potential.
- Actively listen, ask questions to check understanding, and clearly express ideas.
- Seek, reflect, act on, and give feedback.
- Gather information from a range of sources to analyse facts and discern patterns.
- Commit to understanding how the business works and building commercial awareness.
- Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements.
The Opportunity
When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you'll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You'll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills.
As part of the CD&E-Cyber Security-SIEM TDR -Splunk/SOAR /Sentinel team you are expected to build use cases around NIST and MITRE ATT&CK framework to enable detection at various stages of a cyber attack. As an Associate you are expected to focus on learning and contributing to client engagement and projects while developing your skills and knowledge to deliver quality work. You are expected to implement use cases using SPL/KQL with complex correlation across different data sources, develop dashboards/workbooks and alerts, and implement SOAR workflows using Logic Apps, Phantom, Demisto etc.
Responsibilities
- Building use cases around NIST and MITRE ATT&CK framework for cyber attack detection
- Implementing use cases using SPL/KQL with complex correlation across different data sources
- Developing dashboards, workbooks, and alerts
- Implementing SOAR workflows using Logic Apps, Phantom, Demisto, etc.
- Contributing to client engagement and projects while developing technical skills
- Learning and applying new technologies and methodologies
- Supporting senior staff in delivering top-quality work
- Building meaningful client connections and understanding their needs
What You Must Have
- Bachelor's Degree
- 1 to 3 years of experience preferred
- Oral and written proficiency in English required
What Sets You Apart
- Experience in SIEM Technologies like Splunk, ArcSight, Azure Sentinel
- Building use cases around NIST and MITRE ATT&CK framework
- Implementing use cases using SPL/KQL with complex correlation
- Developing dashboards, alerts, and workbooks
- Implementing SOAR workflows using Logic Apps, Phantom, Demisto
- Basic knowledge of User Entity Behavior, Machine Learning models
- Scripting knowledge of Python
- Administration, maintenance, and optimization of Splunk Enterprise and Splunk ES
- Integrating log sources with Sentinel using REST API
Company Overview
PwC AC Manila's Consulting Services are designed to provide industry expertise and innovative solutions through Cloud & Digital services. Our goal is to assist businesses in driving growth, optimizing operations, and seizing opportunities. With our team of professionals, cutting-edge technology, and deep industry knowledge, we help businesses stay ahead of the competition, deliver strategic solutions, and unlock long-term value.
