Job Description & Summary
The Opportunity:
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.
Those in information security at PwC will focus on protecting sensitive data and systems from cyber threats through risk assessments, security audits, and implementing robust security measures. Your work will help enable the confidentiality, integrity, and availability of information assets for clients.
What you will be doing:
Analyzing incidents, attributing incidents to threat types and intrusion sets, extracting intelligence from incident data and malicious code, and supporting incident response;
Identifying, prioritizing and reporting on external cyber threats relevant to an organization's industry, and geographic and technological footprint;
Generating, consuming, and exploiting tactical and operational threat intelligence to protect against cyber threats;
Reporting findings to multiple levels of management across cultural and geographic boundaries, as well as functional teams impacted by cyber threats;
Possessing knowledge of basic intelligence models (e.g., the Intelligence Lifecycle, intrusion kill chain, diamond model, analysis of competing hypotheses, and related structured analytic techniques);
Displaying an understanding of malware reverse engineering tools and techniques;
Providing structured analysis, prioritization and reporting of a cyber adversary's intent, opportunity and capability;
Understanding forensic analysis tools and techniques;
Seeking new, and validating existing, sources of threat intelligence;
Providing tactical, operational and strategic recommendations for preventative controls to other security organizations based upon incident response findings and trends in realized threat activity;
Applying structured analytic techniques (e.g., analysis of competing hypotheses); and
Writing intelligence reports (strategic, tactical, and/or operational).
What we need from you:
Technology or information security principles, including a broad, high-level understanding of information security policy requirements and compliance, as well as current events within the cybersecurity space;
2 year(s) of progressive professional roles involving information security and/or IT management;
Graduate degree equivalent;
Foundational computing principles (e.g., networking, operating systems, and information security concepts);
Threat intelligence platforms (e.g., ThreatQ, OpenCTI, MISP, etc.);
Security information and event management (SIEM) platforms (e.g., Splunk, Elastic, etc.);
Malware sandboxes and repositories (e.g., VirusTotal, VMRay, Hybrid-Analysis, etc.);
Detection development (e.g., Yara, KQL, Splunk, etc.);
Open source intelligence (OSINT) collection sources, tools, and analysis;
Threat actor tactics, techniques, and procedures (TTPs);
Development of threat characteristics into intrusion sets;
Various classifications of threats (e.g., ransomware and the cybercrime economy) or espionage-motivated threats;
Computer forensics and incident response;
Meta-analysis, data analysis, trend analysis, and data presentation;
Malware reverse engineering fundamentals;
Command and control frameworks (e.g., CobaltStrike, Sliver, etc.);
Programming (e.g., C, Python, Golang, Rust, etc.);
Application programming interfaces (APIs);
Navigation of global corporate environments;
Business processes, particularly in the information security or information technology space; and
The importance of knowledge sharing within a professional services environment.
Ability to work autonomously and take ownership and initiative on tasks;
Delivery of meaningful outcomes as delegated with little to no oversight;
Possessing highly effective oral and written communications, presentation skills and interpersonal abilities;
Ability to prioritize and execute in a methodical and disciplined manner;
Demonstration of a desire and willingness to learn and improve.