Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

Respond effectively to the diverse perspectives, needs, and feelings of others.Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems.Use critical thinking to break down complex concepts.Understand the broader objectives of your project or role and how your work fits into the overall strategy.Develop a deeper understanding of the business context and how it is changing.Use reflection to develop self awareness, enhance strengths and address development areas.Interpret data to inform insights and recommendations.Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.

The Cybersecurity L2 Senior Associate acts as an advanced technical contributor responsible for incident investigation, platform operations, vulnerability analysis, IAM operations, and cross-tower support across TDR, IAM, VM, and SecOps. This role performs deeper analysis than L1, handles escalations, optimizes detection logic, drives improvements, and ensures operational excellence. The L2 Analyst collaborates with L3, engineering teams, platform teams, and client stakeholders to ensure a stable, resilient, and effective cybersecurity environment.

Share and collaborate effectively with others, creating a positive team spirit.Identify and make suggestions for improvements when problems and/or opportunities arise.Validate data and analysis for accuracy and relevance.Follow risk management and compliance procedures.Keep up to date with developments in your area of specialty.Communicate confidently in a clear, concise, and articulate manner - verbally and in written form.Seek opportunities to learn about the wider economy alongside the business models/corporate governance and/or regulatory environment of our clients.Uphold the firm's code of ethics and business conduct.

Required Skills & Qualifications

3–6 years of relevant experience in SOC, VM, IAM, or SecOps operations.Strong hands-on experience with SIEM, EDR, VM tools, IAM platforms, Network Security tools like Web, Email gateway, DLP and ITSM systems.Proficient in creating detection logic, correlation rules, and performing threat analysis.Solid understanding of networking, OS security, identity governance, and vulnerability assessment methodologies.Strong communication, documentation, and analytical skills.Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or related field.

Preferred Skills

Experience with scripting (Python, PowerShell, Bash).Knowledge of cloud platforms (Azure/AWS/GCP).Understanding of MITRE ATT&CK, vulnerability scoring, threat intelligence.Security certifications such as Security+, CEH, AZ-900, ITIL & other relevant skill certifications.

Key Responsibilities

Security Monitoring & Incident Response: Monitor SIEM, EDR, and threat intel dashboards for advanced threat patterns; Conduct deep-dive investigations into suspicious activity and escalate to L3 as needed; Execute containment, eradication, and remediation actions on confirmed incidents (where preapproved); Perform advanced alert tuning, write detection logic, correlation rules, and enrichment logic; Document investigation steps, timelines, actions taken, conclusions, and lessons learned.Vulnerability Management & Risk Analysis: Perform daily health checks on scanners, credential states, asset discovery, and SLA breach monitoring; Run and analyze network, container, cloud, agent-based, and web-app scans; Maintain credential hygiene, tag governance, and asset deduplication; Validate false positives, categorize exceptions, and assign remediation tasks; Configure RBVM systems with threat-feed weighting, MITRE ATT&CK mapping, and crown-jewel tagging; Manage and document exception workflow, review compensating controls, evidence validation, and SLA adjustments.IAM Operations (L2 Level): Perform manual provisioning into enterprise applications (AD, SAP, JDE, Oracle); Manage certificate lifecycle activities, ensuring renewals before expiry; Execute SOP-driven IAM workflows for PAM, IGA, and Access Management; Validate IAM tickets for completeness, risk, and compliance before escalating; Provide evidence for audits related to provisioning/deprovisioning.Operational Reporting & SLA Governance: Produce weekly and monthly operational metrics, SLA reports, and deviation analysis; Identify outliers, noise patterns, abnormalities, and propose tuning or process enhancements.Application & System Maintenance (TDR, IAM, VM, SecOps): Perform routine platform health checks, backup verification, scheduled job validation, and ensure system stability; Validate multi-source log ingestion, troubleshoot ingestion failures, and coordinate with platform teams for fixes; Handle break-fix scenarios, analyze root causes, and implement corrective actions; Manage user administration for security tools (access, roles, entitlements).Ticketing, Queue Management & Workflow Assurance: Oversee remediation ticket queues, ensuring ageing tickets are escalated or followed up appropriately & the mailbox for the inbound mails; Validate support requests (false positives, exceptions, reassignments) before escalating to L3.Documentation, Knowledge Management & Training: Maintain detailed documentation of daily operations, incident logs, troubleshooting steps, configuration changes, and platform updates; Create and update SOPs, runbooks, playbooks, training documents, and knowledge articles; Provide training and knowledge transfer to L1 analysts and new joiners.Continuous Improvement & Automation: Identify opportunities for automation using SOAR, scripting, AI or workflow tools; Participate in Policy tuning and optimization of tools across SOC, IAM, VM, and SecOps.Compliance & Governance Support: Assist in maintaining compliance with standards such as ISO 27001, SOC2, NIST, GDPR; Support audit readiness through artifact preparation and evidence maintenance.Cross-Team Collaboration: Work with cybersecurity architects, platform engineers, and client SMEs to address systemic issues; Participate in war rooms, incident post-mortems, and Root cause analysis discussions.Customer Communication: Provide timely updates to clients on investigations, remediation progress, and ticket status; Participate in operational review meetings to present operational insights.

Additional application instructions

Understand the importance of have a correct information managementKnowledge of Information Security and Data ProtectionCorrect Information Security Management

All qualified applicants will receive consideration for employment at PwC without regard to ethnicity; creed; color; religion; national origin; age; disability; neurodiversity; sexual orientation; gender identity or expression; marital; or any other status protected by law. PwC is proud to be an inclusive organization and equal opportunity employer. 

Travel Requirements

Not Specified

Job Posting End Date