PricewaterhouseCoopers Jobs

Job Information

PwC Vulnerability Management Specialist - San Antonio, TX in San Antonio, Texas

Line of Service: Advisory

Specialty/Competency: Cybersecurity & Privacy

Industry/Sector: Not Applicable

Time Type: Full time

Government Clearance Required: No

Available for Work Sponsorship: No

Travel Requirements: 0%

A career in our Cybersecurity, Privacy, & Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy, and Forensics professionals at PwC, but at our clients and industry analysts across the globe.Our Advisory Acceleration Center is the natural extension of PwC’s leading class global delivery capabilities. We provide premium, cost effective, high quality services that support process quality and delivery capability in support for client engagements.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Specialist, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

  • Consistently deliver on multiple commitments.

  • Flex approach to meet the changing needs of teams and clients.

  • Identify and make suggestions for efficiencies and improvements when performing work.

  • Take action to stay up to date with the evolution and impact of technology developments.

  • Use tools, techniques and firm standard methodologies to support research, analysis and problem solving.

  • Adapt communication style to meet the needs of the situation and audience.

  • Manage expectations of stakeholders effectively.

  • Embrace diverse perspectives and welcome opposing and conflicting ideas.

  • Uphold the firm's code of ethics and business conduct.

Basic Qualifications :

Minimum Degree Required :

High School Diploma

Minimum Years of Experience :

1 year

Preferred Qualifications :

Preferred Fields of Study :

Information CyberSecurity, Computer and Information Science, Information Technology

Certification(s) Preferred :

Certification in vulnerability scanning products from Qualys, Tenable or Rapid7 highly desirable. Relevant SANS training experience is a plus (e.g., SEC460, SEC560)

Preferred Knowledge/Skills :

Demonstrates some knowledge and/ or a proven record of success in the following areas:

  • Understanding end-to-end Vulnerability Management processes (i.e., the VM lifecycle) and tools (e.g., host-based and application scanners), patch management, GRC tools, and ITSM;

  • Utilizing common tools used in the VM lifecycle, including ITSM, CMDB, etc;

  • Using operating system and application security, administration, and debugging;

  • Utilizing security controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security);

  • Using operating systems such as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks, and vulnerability and threat management tools; and,

  • Using vulnerability Management products from vendors such as Qualys, Tenable and Rapid7.

Demonstrates some abilities and/or experience in the following areas:

  • Configuring vulnerability assessment tools, including the integration of feedback from IT owners to reduce false positives;

  • Analyzing identified vulnerabilities, along with identifying remediation techniques;

  • Compiling vulnerability data and reports for both technical and executive audiences;

  • Identifying dependencies and timelines required to address vulnerabilities, including system patching, deployment of specialized controls, code or infrastructure changes, and changes in build engineering processes;

  • Reporting remediation of vulnerabilities by coordinating agreed-upon action plans and timelines with responsible technology partners and support teams;

  • Reviewing and reporting changes to patching policies, procedures, standards, and audit work programs in a continuous improvement model;

  • Raising awareness of valuable information and maintaining the confidentiality and integrity of data through industry trends, including current and emerging risks, relevant legislation, regulatory requirements, guidelines, and industry developments relating to data protection, privacy, security, and data governance; and,

  • Providing analysis of impacts to key stakeholders.

All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.