Cybersecurity-Quality Assurance SOC Analyst-Senior Associate-Bangalore - Bengaluru, India - PwC

Description

Description

& SummaryA career in our Advisory Acceleration Centre is the natural extension of PwC's leading class global delivery capabilities. We provide premium, cost effective, high quality services that support process quality and delivery capability in support for client engagements.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

Use feedback and reflection to develop self awareness, personal strengths and address development areas.

Delegate to others to provide stretch opportunities, coaching them to deliver results.

Demonstrate critical thinking and the ability to bring order to unstructured problems.

Use a broad range of tools and techniques to extract insights from current industry or sector trends.

Review your work and that of others for quality, accuracy and relevance.

Know how and when to use tools available for a given situation and can explain the reasons for this choice.

Seek and embrace opportunities which give exposure to different situations, environments and perspectives.

Use straightforward communication, in a structured way, when influencing and connecting with others.

Able to read situations and modify behavior to build quality relationships.

Quality Assurance SOC Analyst - CaaS
As a Quality Assurance SOC Analyst (Senior Associate) within the Cyber as a Service (CaaS) practice,
you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy
to execution. You will play a pivotal role in ensuring the quality and effectiveness of our SOC operations.
You will be responsible for reviewing and enhancing our security incident response processes and
procedures, evaluating the performance of SOC analysts, and implementing best practices to maintain
the highest standards of security. This role is critical in maintaining the integrity of our clients' systems and
data. Responsibilities include but are not limited to:
Required Qualifications:
● 3+ years of experience in a technical role in the areas of Security Operations, Quality Assurance
in a SOC setting, Threat Intelligence, Incident Response, or Penetration Testing/Red Team.
● At a minimum, a Bachelor's Degree in a relevant area of study with a preference for Computer
Science, Computer Engineering, Cybersecurity, or Information Security.
● Knowledge and experience working with various SIEM, EDR, NDR and Ticketing tools.
● Knowledge of Security Operations Centre (SOC) processes and procedures.
● Effective communication skills, both written and verbal.
● Strong attention to detail and commitment to quality.
● Advanced knowledge and experience analyzing attacker techniques at all stages of a breach.
Knowledge of MITRE ATT&CK and Cyber Kill-Chain is a must
● Be available to work on a 24/7 basis (Mon-Sun) on a shift based schedule to continuously assure
quality within SOC.
Roles & Responsibilities:
● Conduct regular quality assessments of security incident handling processes within the SOC for
both L1 and L2 functions.
● Review and evaluate the effectiveness of SOC analyst activities, including incident detection,
analysis, investigation and response.
● Identify areas for improvement and provide recommendations to enhance SOC operations and
incident response capabilities.
● Collaborate with SOC management and leads to develop and implement quality assurance
strategies and initiatives.
● Create and maintain comprehensive quality assurance documentation, reports, and metrics.
● Mentor and provide guidance to junior SOC analysts to improve their performance and
investigation skills.
● Stay up-to-date with the latest threat landscape, attack vectors, and cybersecurity technologies
through ongoing research and professional development.
● Assist in incident response activities as needed, including during high-priority security incidents.
● Participate in the development and delivery of training programs for SOC staff.
● Collaborate with the L2 analyst team to develop robust quality assurance practices,
documentation, reports and metrics.
● Collaborate with L1 and L2 SOC analysts to provide training and knowledge sharing on quality
assurance best practices.
● Communicate findings and recommendations effectively to technical and non-technical
stakeholders internally and externally.
● Maintain detailed records of quality assurance activity, including findings, actions taken, and
outcomes.
● Participate in knowledge-sharing initiatives with the L1 and L2 team to enhance collective
expertise and investigation skills.
● Ensure adherence to established quality assurance processes and procedures.
● Identify opportunities for process improvement and contribute to the enhancement of quality
assurance methodologies.
● Maintain composure and efficiency in high-pressure situations.

Uphold the firm's code of ethics and business conduct.

, Cyber Threat & Device Monitoring Analyst (Tier 2) As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Responsibilities include but are not limited to: Roles & Responsibilities:

● Monitor and analyze security alerts

● Respond to escalated security alerts, conduct investigations and client notification

● Responsible for investigating incidents, analysing attack methods, researching new defense techniques and tools, developing security policy, and documenting procedures

● Serve as a technical point of escalation and provide mentoring for L1 security analysts

● Primarily responsible for security monitoring, detection, response and client care

● Ensure incident identification, assessment, reporting, communication, mitigation and monitoring

● Ensure compliance to SLA, process adherence and process improvements to achieve operational objectives

● Maintains SOP, playbook and other documentations up-to-date

● Prepare reports, summaries, and other forms of communication that may be both internal and client facing

● Be available for scheduled on-call rotation to respond to escalations outside of regular business hours

● Revise and develop processes to strengthen the current Security Operations Framework, review policies and highlight the difficulties in managing SLAs

● Maintain familiarity with industry trends and security best practices

● Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring

● Coordination with stakeholders, build and maintain positive working relationships with them Experience & Skills:

● Relevant experience in Information Technology and Information Security

● Proficient in Incident Management and Response

● Experience in security device management and multiple SIEM platforms

● In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc

. ● Experience in MSSP environment

● CISSP and GIAC certifications preferred

● Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix

● Knowledge of applications, databases, middleware to address security threats

● Proficient in preparation of reports, dashboards, and documentation

● Excellent communication and initiative skills

● Experience in performing vendor management

● Ability to handle high pressure situations with key stakeholders

● Good analytical skills, problem solving and interpersonal skill

● Fluent in French and English would be an asset

● A demonstrated commitment to valuing differences and working alongside diverse people and perspective

Willing to work in US day shift (9AM EST - 5PM EST) / India night Shift (7 PM IST to 3 AM IST) and weekend support / on call support

Experience & Skills:
● 3+ years of experience in a technical role in the areas of Security Operations, Quality Assurance
in a SOC setting, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red
Team.
● Experience in SOC L1, SOC L2 is a must.
● Experience in SOC Quality Assurance is a must
● Experience in SIEM technologies such as Azure Sentinel, Splunk, ArcSight, QRadar, Exabeam,
LogRhythm
● Experience and knowledge of EDR and NDR technologies such as Cortex XDR, CrowdStrike,
Carbon Black, Cylance, Defender, DarkTrace
● Experience with ticketing system such as ServiceNow, JIRA is considered a strong asset
● Experience and Knowledge working with Cyber Kill-Chain model and MITRE ATT&CK framework
● Ability to use data to 'tell a story'; ability to communicate findings and recommendations
effectively to technical and non-technical stakeholders.
● Proficient in preparation of reports, dashboards and documentation
● Excellent communication and leadership skills
● Ability to handle high pressure situations with key stakeholders
● Good Analytical skills, Problem solving and Interpersonal skills
● A demonstrated commitment to valuing differences and working alongside diverse people and
perspectives

Education

Degrees/Field of Study required:Degrees/Field of Study preferred:

Certifications

Required Skills

Optional Skills

Desired Languages

Travel Requirements

0%

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date