PricewaterhouseCoopers Jobs

Job Information

PwC Cyber Managed Services - Vulnerability Management - Manager in United States

Specialty/Competency: Managed Services

Industry/Sector: Not Applicable

Time Type: Full time

Travel Requirements: Up to 20%

A career in our Managed Services team will provide you an opportunity to collaborate with a wide array of teams to help our clients implement and operate new capabilities, achieve operational efficiencies, and harness the power of technology.

Our Cyber Managed Services team will provide you with the opportunity to help our clients implement effective cybersecurity programs that protect against threats, propel transformation, and drive growth. As companies continue their transformations to digital business models, exponentially more data is generated and shared among organizations, partners and customers. You’ll play an integral role in helping our clients protect their businesses by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and mitigate risks while increasing the value they derive from their cybersecurity investments.

Our Vulnerability Management Managed Services team helps organisations by offering end to end support for their VM programs, from design and implementation to ongoing operations with continuous operational improvements to reduce risks associated with vulnerabilities in their environments.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

  • Develop new skills outside of comfort zone.

  • Act to resolve issues which prevent the team working effectively.

  • Coach others, recognise their strengths, and encourage them to take ownership of their personal development.

  • Analyse complex ideas or proposals and build a range of meaningful recommendations.

  • Use multiple sources of information including broader stakeholder views to develop solutions and recommendations.

  • Address sub-standard work or work that does not meet firm's/client's expectations.

  • Use data and insights to inform conclusions and support decision-making.

  • Develop a point of view on key global trends, and how they impact clients.

  • Manage a variety of viewpoints to build consensus and create positive outcomes for all parties.

  • Simplify complex messages, highlighting and summarising key points.

  • Uphold the firm's code of ethics and business conduct.

Job Requirements and Preferences :

Basic Qualifications :

Minimum Degree Required :

Bachelor Degree

Minimum Years of Experience :

4 year(s)

Preferred Qualifications :

Degree Preferred :

Master Degree

Preferred Fields of Study :

Information CyberSecurity, Information CyberSecurity & Accounting, Information Technology, Computer and Information Science

Certification(s) Preferred :

Certification in vulnerability scanning products from Qualys, Tenable or Rapid7.

Relevant SANS training experience (e.g., SEC460, SEC560)

Preferred Knowledge/Skills :

Demonstrates extensive abilities and/or a proven record of success as a team leader in the following areas:

  • Understanding end-to-end Vulnerability Management processes (i.e., the VM lifecycle) and tools (e.g., host-based and application scanners), patch management, GRC tools, and ITSM;

  • Utilizing common tools used in the VM lifecycle, including ITSM, CMDB, etc.;

  • Using operating system and application security, administration, and debugging;

  • Utilizing security controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security);

  • Using operating systems such as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks, and vulnerability and threat management tools;

  • Using vulnerability Management products from vendors, such as Qualys, Tenable and Rapid7;

  • Configuring vulnerability assessment tools, including the integration of feedback from IT owners to reduce false positives;

  • Analyzing identified vulnerabilities, along with identifying remediation techniques;

  • Compiling vulnerability data and reports for both technical and executive audiences;

  • Identifying dependencies and timelines required to address vulnerabilities, including system patching, deployment of specialized controls, code or infrastructure changes, and changes in build engineering processes;

  • Reporting remediation of vulnerabilities by coordinating agreed-upon action plans and timelines with responsible technology partners and support teams;

  • Reviewing and reporting changes to patching policies, procedures, standards, and audit work programs in a continuous improvement model;

  • Raising awareness of valuable information and maintaining the confidentiality and integrity of data through industry trends, including current and emerging risks, relevant legislation, regulatory requirements, guidelines, and industry developments relating to data protection, privacy, security, and data governance;

  • Providing analysis of impacts to key stakeholders; and,

  • Leading team of junior VM analysts in the execution of above tasks across the VM lifecycle.

At PwC, our work model includes three ways of working: virtual, in-person, and flex (a hybrid of in-person and virtual). Visit the following link to learn more:

PwC does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy:

All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.

For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.

For positions in Colorado, visit the following link for information related to Colorado's Equal Pay for Equal Work Act: