CD&E-Cyber Security- SIEM Cortex XSIAM -Senior Associate -Bangalore

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisation's security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure.

Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.

Skills

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Respond effectively to the diverse perspectives, needs, and feelings of others.
• Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems.
• Use critical thinking to break down complex concepts.
• Understand the broader objectives of your project or role and how your work fits into the overall strategy.
• Develop a deeper understanding of the business context and how it is changing.
• Use reflection to develop self awareness, enhance strengths and address development areas.
• Interpret data to inform insights and recommendations.
• Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.

Minimum of 4-8 years of prior experience in SIEM Technologies, Information Security

Expertise in SIEM solutions and Cortex XSIAM.

• Expertise in building use cases around NIST and MITRE ATT&CK framework to enable

detection at various stages of a cyber attack

• Implementation of use cases using SPL/KQL with complex correlation across different data sources
• Development of dashboards/workbooks, alerts
• Implementation of SOAR workflows using Logic Apps, Phantom, Demisto etc.
• Basic knowledge of User Entity Behaviour, Machine Learning models
• Scripting knowledge of python is an added advantage.
• Assist in administration, maintenance and optimization of the Cortex XSIAM.
• Integrating log sources using REST API.
• Working knowledge of all architectural components of SIEM
• Knowledge about cloud environment and hybrid environments
• Implementation of clustered environment and related concepts such as High availability, parallel processing etc.

Others

• Experience with monitoring use case implementation methodologies

Prior SIEM experience with advanced analysis and / or response to security incidents

Experience in building domain specific POCs.

Experience of threat intelligence and threat hunting is added advantage

Additional Job Description

Professional and Educational Background

• Bachelor's Degree Preferred

nge text color to black or remove bullet and section title if not applicable