- Contact: Recruitment Team
- Reference: 43027BR
Who we’re looking for
Are you passionate about practical, large-scale defence within Cyber Security? State sponsored attacks, corporate hacking, data breaches, economic espionage and targeted intrusions, including APT.
The scale and complexity of Cyber-attacks is increasing every day and businesses need a trusted ally to steer them through this challenging landscape.
About the team
As a Cyber Defence Analyst at PwC you will form a key part of the team responsible for the development, management and execution of our Managed Cyber Defence services to our global clients. Global is the operative word because we operate internationally with a focus on consistency and availability to our client base at any time.
About The Role
The Cyber Defence Analyst role will primarily consist of analysing security event data on behalf of a wide variety of client organisations - primarily host based, although capabilities in network, application and database security will always be valuable. Within the role you will help in the cyber defence of complex, enterprise-wide digital security environments by identifying events of concern and providing strong technical input to the client organisations’ response.
Preference may be given to candidates available to work in our Edinburgh, or London offices - however, remote working could be possible for the right candidate. The role involves minimal travel and is primarily remote from our client organisations.
Duties & Responsibilities
Prioritizing and differentiating between potential intrusion attempts and false alarms.
Examples of incidents involve unauthorized access, suspicious services, malware identification, etc.
Work within, and ultimately help shape, our response framework for globally scalable cyber defence
Provide technical guidance to client organisations to correctly gather relevant data, analyse and respond to cyber security incidents
Contributes to the development of policies, standards and guidelines.
Apply broad security industry, technology, business and professional knowledge to contribute to policy-making and process design.
Correlate threat intelligence with active attacks and vulnerabilities within the enterprise.
Monitor and analyse security events and identify trends, attacks, and potential threats.
Research and stay current on the latest trends, best practices, and technology developments.
Facilitate the integration of threat and data feeds for the purposes of incident response.
Skills and Experience
Strong knowledge of Windows System Internals, Defender, Active Directory’s role within the enterprise
Ability to identify patterns and trends in events, and to extract useful indicators of compromise from that data.
Previous host-based investigative or analysis work is strongly beneficial.
A background in client facing business-to-business work.
Excellent written & communication skills.
A strongly developed interest in systems security.
Relevant areas of certification may include SANS / GIAC, OSCP or similar.
Experience of gleaning and analysing security information from a large variety of host and network based technologies - tell us what you bring to the table.
Ability to assess the output of of malware analysis and sandboxing techniques.
While not a core requirement, knowledge of scripting languages such as Python, Perl or PowerShell and their use in process automation and data analysis is beneficial.