PwC Cyber Managed Services - Vulnerability Management - Manager in United States
Specialty/Competency: Managed Services
Industry/Sector: Not Applicable
Time Type: Full time
Travel Requirements: Up to 20%
A career in our Managed Services team will provide you an opportunity to collaborate with a wide array of teams to help our clients implement and operate new capabilities, achieve operational efficiencies, and harness the power of technology.
Our Cyber Managed Services team will provide you with the opportunity to help our clients implement effective cybersecurity programs that protect against threats, propel transformation, and drive growth. As companies continue their transformations to digital business models, exponentially more data is generated and shared among organizations, partners and customers. You’ll play an integral role in helping our clients protect their businesses by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and mitigate risks while increasing the value they derive from their cybersecurity investments.
Our Vulnerability Management Managed Services team helps organisations by offering end to end support for their VM programs, from design and implementation to ongoing operations with continuous operational improvements to reduce risks associated with vulnerabilities in their environments.
As a Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
Develop new skills outside of comfort zone.
Act to resolve issues which prevent the team working effectively.
Coach others, recognise their strengths, and encourage them to take ownership of their personal development.
Analyse complex ideas or proposals and build a range of meaningful recommendations.
Use multiple sources of information including broader stakeholder views to develop solutions and recommendations.
Address sub-standard work or work that does not meet firm's/client's expectations.
Use data and insights to inform conclusions and support decision-making.
Develop a point of view on key global trends, and how they impact clients.
Manage a variety of viewpoints to build consensus and create positive outcomes for all parties.
Simplify complex messages, highlighting and summarising key points.
Uphold the firm's code of ethics and business conduct.
Job Requirements and Preferences :
Basic Qualifications :
Minimum Degree Required :
Minimum Years of Experience :
Preferred Qualifications :
Degree Preferred :
Preferred Fields of Study :
Information CyberSecurity, Information CyberSecurity & Accounting, Information Technology, Computer and Information Science
Certification(s) Preferred :
Certification in vulnerability scanning products from Qualys, Tenable or Rapid7.
Relevant SANS training experience (e.g., SEC460, SEC560)
Preferred Knowledge/Skills :
Demonstrates extensive abilities and/or a proven record of success as a team leader in the following areas:
Understanding end-to-end Vulnerability Management processes (i.e., the VM lifecycle) and tools (e.g., host-based and application scanners), patch management, GRC tools, and ITSM;
Utilizing common tools used in the VM lifecycle, including ITSM, CMDB, etc.;
Using operating system and application security, administration, and debugging;
Utilizing security controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security);
Using operating systems such as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks, and vulnerability and threat management tools;
Using vulnerability Management products from vendors, such as Qualys, Tenable and Rapid7;
Configuring vulnerability assessment tools, including the integration of feedback from IT owners to reduce false positives;
Analyzing identified vulnerabilities, along with identifying remediation techniques;
Compiling vulnerability data and reports for both technical and executive audiences;
Identifying dependencies and timelines required to address vulnerabilities, including system patching, deployment of specialized controls, code or infrastructure changes, and changes in build engineering processes;
Reporting remediation of vulnerabilities by coordinating agreed-upon action plans and timelines with responsible technology partners and support teams;
Reviewing and reporting changes to patching policies, procedures, standards, and audit work programs in a continuous improvement model;
Raising awareness of valuable information and maintaining the confidentiality and integrity of data through industry trends, including current and emerging risks, relevant legislation, regulatory requirements, guidelines, and industry developments relating to data protection, privacy, security, and data governance;
Providing analysis of impacts to key stakeholders; and,
Leading team of junior VM analysts in the execution of above tasks across the VM lifecycle.
For positions in Colorado, visit the following link for information related to Colorado's Equal Pay for Equal Work Act: https://pwc.to/coloradoadvisorymanager.