PwC Cyber Security Vulnerability Sr Associate in San Antonio, Texas
A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
Use feedback and reflection to develop self awareness, personal strengths and address development areas.
Delegate to others to provide stretch opportunities and coach to help deliver results.
Develop new ideas and propose innovative solutions to problems.
Use a broad range of tools and techniques to extract insights from from current trends in business area.
Review your work and that of others for quality, accuracy and relevance.
Share relevant thought leadership.
Use straightforward communication, in a structured way, when influencing others.
Able to read situations and modify behavior to build quality, diverse relationships.
Uphold the firm's code of ethics and business conduct.
Preferred Qualifications :
Preferred Fields of Study :
Information CyberSecurity, Computer Engineering, Information Technology, Computer and Information Science
Certification(s) Preferred :
Certification in vulnerability scanning products from Qualys, Tenable or Rapid7 highly desirable. Relevant SANS training experience a plus (e.g., SEC460, SEC560)
Preferred Knowledge/Skills :
Demonstrates a thorough level of abilities with, and/or a proven record of success as both an individual contributor and team member, identifying and addressing client needs in the following areas:
Managing end-to-end Vulnerability Management processes (i.e., the VM lifecycle) and tools (e.g., host-based and application scanners), patch management, GRC tools, and ITSM;
Utilizing common tools used in the VM lifecycle, including ITSM, CMDB, etc;
Demonstrating some understanding the operating system and application security, administration, and debugging;
Demonstrating some understanding of security controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security);
Being well versed in operating systems such as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks, and vulnerability and threat management tools; and,
Demonstrating some experience with Vulnerability Management products from vendors such as Qualys, Tenable and Rapid7.
Demonstrates thorough abilities and/or a proven record of success in working to design, build and operate Vulnerability Management programs from people, process, and technology perspectives, including the following areas:
Drive the configuration of vulnerability assessment tools, including the integration of feedback from IT owners to reduce false positives;
Perform analysis and prioritization of identified vulnerabilities, along with remediation recommendations;
Prepare vulnerability data and reports for both technical and executive audiences;
Identify timelines/programs and guide teams to address vulnerabilities, including system patching, deployment of specialized controls, code or infrastructure changes, and changes in build engineering processes;
Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology partners and support teams;
Design and oversee delivery of actionable dashboards and scorecards;
Review and coordinate changes to patching policies, procedures, standards, and audit work programs in a continuous improvement model;
Drive protection of valuable information and maintain the confidentiality and integrity of data through;
Demonstrate knowledge of security management, network & protocols, data, and application security solutions;
Demonstrate knowledge of industry trends, including current and emerging risks; and,
Stay abreast of relevant legislation, regulatory requirements, guidelines, and industry developments relating to data protection, privacy, security, and data governance. Provide analysis of impacts to key stakeholders.
Minimum years experience required
- 2 (year)s
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law.