At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisation’s security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure.

EXPERIENCES AND SKILLS YOU’LL USE TO SOLVE

• A bachelor’s degree in a relevant area of study with a preference for Computer Science or Computer Engineering.
• Industry certifications (CISSP/GIAC suite/EC-Council) are an asset. Experience in MSSP environment.
• Minimum of 6 years in Information Technology and minimum of 4 years in Information Security.
• Proficient in Incident Response and Management.
• Knowledge of various security tools (e.g. SIEM, EDR, etc.) as well as operating system flavors including but not limited to Windows, Linux, Unix.
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
• Knowledge of applications, databases, middleware to address security threats; Proficient in preparation of reports, dashboards and documentation.
• Excellent communication and leadership skills and experience in performing vendor management.
• Ability to handle high pressure situations with key stakeholders and good Analytical skills, Problem solving and Interpersonal skills.
• Hybrid ways of working PwC Canada is committed to cultivating an inclusive, hybrid work environment. Exact expectations for your team can be discussed with your interviewer.

• Main point of contact for escalations and True positive incidents.
• Oversee the level 2 senior security analysts’ team and ensure they perform advanced analysis and investigation of security incidents detected by the level 1 security analysts or the security tools.
• Provide guidance and support to the level 2 senior security analysts and assist them with troubleshooting, escalation, and resolution of complex or critical security issues.
• Coordinate with the level 2 security analysts and other teams for incident response and recovery activities and ensure the implementation of appropriate countermeasures and remediation actions.
• Review and validate the security incident reports and recommendations prepared by the level 2 senior security analysts and ensure they meet the quality and accuracy standards.
• Conduct quality assurance and reviews of the security incident reports and recommendations and provide constructive feedback and improvement suggestions to the level 2 senior security analysts. And have touch points with QA lead/team regularly.
• Coordinate with the level 2 security analysts and other teams for complex or high-severity incidents that require further investigation or remediation.
• Conduct performance evaluation and feedback sessions for the level 2 senior security analysts and identify their training and development needs and opportunities.
• Design and deliver training and mentoring programs for the level 2 senior security analysts and ensure they acquire and maintain the relevant skills and certifications.
• Collaborate with the clients and stakeholders and provide strategic and technical advice on security incidents and services and ensure customer satisfaction and retention.
• Monitor and report on the key performance indicators and metrics of the level 2 senior security analyst team and ensure they meet the service level agreements and objectives.
• Work closely with shift leads and have a regular touch point with them on the daily report of security operations metrics, KPIs, and SLAs and find a solution to identified gaps.
• Touchpoint with L2 leads to make sure they are facilitating regular meetings and training sessions for the level 1 security analysts’ team to keep them updated on the security tools, latest security threats, trends, and best practices.
• Participate in calls with client stake holders throughout the months (monthly, quarterly, bi-weekly, Threat Hunting, etc.