PwC Cyber Defense Sr Analyst - San Antonio, TX in San Antonio, Texas
Line of Service: Advisory
Specialty/Competency: Cybersecurity & Privacy
Industry/Sector: Not Applicable
Time Type: Full time
Government Clearance Required: No
Available for Work Sponsorship: No
Travel Requirements: 0%
A career in our Cybersecurity, Privacy, & Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy, and Forensics professionals at PwC, but at our clients and industry analysts across the globe. Our Advisory Acceleration Center is the natural extension of PwC’s leading class global delivery capabilities. We provide premium, cost effective, high quality services that support process quality and delivery capability in support for client engagements.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Specialist, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
Consistently deliver on multiple commitments.
Flex approach to meet the changing needs of teams and clients.
Identify and make suggestions for efficiencies and improvements when performing work.
Take action to stay up to date with the evolution and impact of technology developments.
Use tools, techniques and firm standard methodologies to support research, analysis and problem solving.
Adapt communication style to meet the needs of the situation and audience.
Manage expectations of stakeholders effectively.
Embrace diverse perspectives and welcome opposing and conflicting ideas.
Uphold the firm's code of ethics and business conduct.
Job Requirements and Preferences :
Basic Qualifications :
Minimum Degree Required :
High School Diploma
Minimum Years of Experience :
Preferred Qualifications :
Preferred Fields of Study :
Computer and Information Science, Information CyberSecurity, Information Technology, Management Information Systems, Computer Engineering, Computer Applications
Certification(s) Preferred :
Microsoft certifications (Security, Compliance, and Identity Fundamentals; Security Operations Analyst Associate; Azure, etc), Certifications for various security technologies and Security Incident Event Management (SIEM) platforms: Splunk, Exabeam, QRadar
Preferred Knowledge/Skills :
Demonstrates some knowledge and/or a proven record of success in the following areas:
Understanding SIEM architecture and infrastructure (for example for Splunk: lookups, modular inputs, standard inputs, relationships between varying configuration files, etc.);
Understanding technical writing/creation of formal documentation such as reports, training material, slide decks, and architecture diagrams;
Communicating information regarding the platform health and load;
Creating detailed technical and operational documentation that includes standard operating procedures for security incident investigation and product configuration guides;
Understanding Microsoft KQL and Splunk SPL;
Understanding MITRE ATT&CK framework;
Understanding security operations investigations;
Understanding Azure security services such as Sentinel, Azure Monitor, Log Analytics, Storage, Defender, ATP, etc;
Understanding multiple operating systems and applicable system administration skills (Windows, Solaris, Linux);
Understanding networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP and others; and,
Understanding Information Security Frameworks and standards (NIST CSF,PCI-DSS etc.).
Demonstrates some abilities and/or a proven record of success in the following areas:
Building use cases around NIST and MITRE ATT&CK framework to enable detection at various stages of a cyber attack;
Writing queries in Microsoft KQL and Splunk SPL;
Writing and/ or modifying existing use cases to identify concerning security events;
Deploying SIEM solutions including data collectors and parsers;
Developing dashboards/ workbooks, alerts;
Implementing SOAR workflows using Logic Apps, Phantom, Demisto, etc.;
Using architecture design experience and/or certifications with one or more SIEM/ Security solutions (i.e Splunk ES, Elastic, MicroFocus ArcSight, IBM QRadar, LogRhythm, Exabeam);
Demonstrating written and verbal communication, as well as organizational and documentation skills; and,
Acquiring and utilizing knowledge on new technologies and solutions, emerging threats and vulnerabilities.
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.