Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks.

Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

Respond effectively to the diverse perspectives, needs, and feelings of others.Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems.Use critical thinking to break down complex concepts.Understand the broader objectives of your project or role and how your work fits into the overall strategy.Develop a deeper understanding of the business context and how it is changing.Use reflection to develop self awareness, enhance strengths and address development areas.Interpret data to inform insights and recommendations.Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.

Year of Experience

4-8 Years

Position Requirements

Resilience Response

Facilitate planning, design, implementation, and testing of technology and operational resilience concepts within client environments Apply resilience methodologies across client networks, including being able to anticipate resilience risks, help our clients withstand the impact of a disruption, support recovery processes to quickly and efficiently minimize operational, financial, reputational, technological impacts, and facilitate our client’s evolution towards a more resilient environmentStrong knowledge in incident response and readiness processes, and the ability to apply cyber, incident, or security principles to resilience strategies Experience with common global resilience regulatory requirements or guidance such as NIS Directive (UK) Sheltered Harbor,  FFIEC BCM handbook, OFAC, etc. as well as industry frameworks such as CERT-RMM, CRR, MITRE Cyber Resiliency Engineering Framework, NIST CSF, COBIT, ISO, etc. Support response and recovery activities for critical technology disruptions including cyberattacks, natural disasters, man-made disasters, and other logical and physical scenariosAdvise in transforming traditional disaster recovery (DR) and business continuity (BC) solutions to secure, agile, scalable, and redundant resilient programs to withstand disruptions Recognize gaps in existing business plans and develop future state resilience strategies leveraging cross-functional synergies to create, enhance, and maintain enterprise resilience, including the development of target resilience operating models, fusion resilience centers, resilience program and/or teams, etc. Expertise in ransomware attacks and approaches, threat vectors, detection techniques, threat models, and ransomware prevention and mitigation strategiesConduct scenario testing in collaboration with clients, including the development of testing scenarios mimicking significant network and environment disruptions, creation of step by step testing plans, and execution of technical testing vialive recovery,  restoration, and rebuilding of networks, platforms, and systems Demonstrate deep knowledge of technical resilience concepts, including networking resilience building redundancies across networks, cloud resilience facilitating recovery in virtualized environments, and understanding and designing data vaulting solutions to protect data and enable efficient and secure recovery processes Drive technology transformations, including the execution of various resilience assessments, identification of disruption blast radiuses, conducting impact and risk analyses, assessment of existing tools and platforms and ability to provide recommendations for new / enhanced resilient technology and solutions, creation of resilience and recovery plans and documentation, and testing activitiesAbility to identify mission critical systems and analyze / map secondary and tertiary dependencies across the environment to determine recovery priority to enable more efficient recovery processesDevelop step-by-step, technical cyber recovery and decryption plans supporting our client’s ability to rapidly recover from a critical disruptionExposure to backup technology and platforms, and creation of enhanced backup strategies to support secure storage, replication, and segmented recovery environments aligning to defined recovery objectives (RPO’s / RTO’s)Identify, track, and report meaningful resilience performance/progress metrics on the state of resiliency, business continuity, and disaster recoveryProvide guidance on security and resilient architecture, assisting clients with reducing their attack surface and optimizing their resilience capabilities to adapt to modern threatsAdditional Job Description

Professional and Educational Background

• Bachelor's Degree Preferred.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Communication, Creativity, Cybersecurity Framework, Cybersecurity Governance, Cybersecurity Risk Management, Cybersecurity Strategy, Cyber Security Threat Mitigation, Cyber Threat Intelligence, Digital Forensics, Embracing Change, Emotional Regulation, Empathy, Firewall (Network Security), Forensic Investigation, Incident Management, Incident Remediation, Incident Response Plan, Inclusion, Intellectual Curiosity, Learning Agility, Log Analysis {+ 15 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date