Cybersecurity & Privacy
Job Description & Summary
A career in our Risk and Compliance Management practice, within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth.
As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers.
You’ll play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detecting, responding to, and remediating threats.
Our team helps organisations transform their governance, risk, and compliance activities into a tool that is able to anticipate and mitigate risk to drive business performance.
In joining, you’ll develop risk management solutions, compliance and ethics controls, business continuity planning, internal audit procedures, and a compliance framework.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level.
To help us achieve this we have the PwC Professional, our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution.
PwC Professional skills and responsibilities for this management level include but are not limited to:
Roles & Responsibilities
Lead and manage the organisation’s Security Operations Center (SOC).
Responsible for incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
Responsible for compliance to SLA, process adherence and process optimization to achieve the SOC’s operational objectives
Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center
Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring
Responsible for integration of standard and non-standard logs into SIEM
Creation of reports, dashboards, metrics for SOC operations and presentation to Executive Management and Cyber and Information security or Risk Management committees
Develop and maintain an incident response program / plan consistent with incident response management processes and standards.
Implement monitoring tools in the cloud
Work with other SOC analysts to create security-related rules to provide alerts on any suspicious activities
Conduct periodic threat simulation activities to evaluate the adequacy of deployed detective controls
Establish and maintain a database of detected and reported information security incidents
Provide support for forensic investigations related to Information security incidents and develop and share security event logging requirements with infrastructure and applications teams
Liaise with stakeholders for timely isolation, containment and remediation of Indicators of Compromise (IOCs) related to validated threat intelligence information
A minimum of a degree in Computer Science / Engineering, Information Technology, Electrical Engineering or a related field of study from a recognised Professional Certification such as CISSP, CISM, CEH or GCIH will be an added advantage
A second degree is an added advantage
Minimum of five (5) years of relevant IT work experience, which may include Information Security, IT Infrastructure Management and IT Vendor Assessment, and over two (2) years in a managerial role.