PwC Cyber Defense - Network Security - Manager in Boston, Massachusetts
Specialty/Competency: Cybersecurity & Privacy
Industry/Sector: Not Applicable
Time Type: Full time
Travel Requirements: Up to 40%
A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.
Our Cyber Defense team focuses on helping our clients design and implement an effective cybersecurity program and technologies that protect against threats, support business objectives, and enables growth. As businesses move to a digital world, more data is generated and shared among organisations, partners and customers; to have business value, that data needs to be protected. You’ll play an integral role in helping our clients ensure they are protected by developing solutions focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.
In joining, you’ll be a part of a team that values technical and business acumen and provides training and development to extend and develop your skills, while fostering a strong collaborative culture. You’ll have the opportunity to help organisations design and create sustainable security solutions at enterprise scale, through a focused approach on enterprise requirements and prioritisation, information technology security architecture, and the software development lifecycle.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
Pursue opportunities to develop existing and new skills outside of comfort zone.
Act to resolve issues which prevent effective team working, even during times of change and uncertainty.
Coach others and encourage them to take ownership of their development.
Analyse complex ideas or proposals and build a range of meaningful recommendations.
Use multiple sources of information including broader stakeholder views to develop solutions and recommendations.
Address sub-standard work or work that does not meet firm's/client's expectations.
Develop a perspective on key global trends, including globalisation, and how they impact the firm and our clients.
Manage a variety of viewpoints to build consensus and create positive outcomes for all parties.
Focus on building trusted relationships.
Uphold the firm's code of ethics and business conduct.
Job Requirements and Preferences :
Basic Qualifications :
Minimum Degree Required :
Minimum Years of Experience :
Preferred Qualifications :
Preferred Fields of Study :
Information Technology, Information CyberSecurity, Computer and Information Science, Management Information Systems
Preferred Knowledge/Skills :
Demonstrates extensive knowledge and/or proven record of success with:
Understanding network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth);
Understanding network security implementations (e.g., host-based IDS, IPS, access control lists), including their function and placement in a network;
Understanding laws, regulations, policies, and ethics as they relate to cybersecurity and privacy;
Understanding common regulatory requirements such as OCC HS, FFIEC, GLBA, NY DFS, GDPR etc. as well as industry frameworks such as ISO 27001/2, NIST CSF, COBIT, ISO, and PCI;
Understanding current FRCP Guidelines and evidential continuity industry leading practice including chain of custody;
Performing dynamic and static malware analysis and sandboxing with the ability to reverse engineer and debug malware samples using tools such as IDA Pro, Responder Pro or OllyDbg, including defeating anti debugging, packing and obfuscation techniques;
Proposing Enterprise Cloud solutions across IaaS, PaaS & SaaS, such as AWS, Azure, OpenStack, Cloud Foundry, Salesforce, Microsoft Office 365, Box etc.;
Proposing Enterprise security and Cloud security specific solutions such as IAM/IdaaS, CASB, Identity Governance, Cloud SOC/SIEM, Key Management & Encryption, Public, Private and Hybrid cloud solutions;
Performing database systems and data backup and recovery;
Understanding current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities;
Understanding the Risk Management Framework Assessment Methodology;
Understanding Application Security Risks (e.g. Open Web Application Security Project Top 10 list);
Understanding IoT protocols (e.g., MQTT, COAP, DDNS), implementing REST APIs, with an understanding of WS-Security, simulated devices usage experience (e.g., Raspberry Pi and Amazon Dash), and security concepts, including OAUTH and OIDC; and,
Understanding cyber defense and vulnerability assessment tools and their capabilities.
Demonstrates extensive abilities and/or a proven record of success to:
Developing policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities;
Functioning in a collaborative environment, seeking continuous consultation with other analysts and specialists-both internal and external to the organization-to leverage analytical and technical specialization;
Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation);
Applying network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth);
Applying system design tools, methods, and techniques, including automated systems analysis and design tools;
Interpreting and translating customer requirements into operational capabilities;
Developing or recommending analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists;
Translating, tracking, and prioritizing information needs and intelligence collection requirements across the extended enterprise;
Assessing and forecasting manpower requirements to meet organizational objectives;
Establishing that senior officials within the organization provide information security for the information and systems that support the operations and assets under their control;
Establishing information security management processes are integrated with strategic and operational planning processes; and,
Overseeing the development and update of the life cycle cost estimate.
For positions in Colorado, visit the following link for information related to Colorado's Equal Pay for Equal Work Act: https://pwc.to/coloradoadvisorymanager .
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
PwC does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: https://pwc.to/H-1B-Lottery-Policy
For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.
Please note that, at this time, to be in-person at a PwC office, client location or PwC-sponsored events, you must be fully vaccinated against COVID-19.