PwC is a network of firms committed to delivering quality in assurance, tax and advisory services.
We help resolve complex issues for our clients and identify opportunities. Learn more about us at www.pwc.com/us.
At PwC, we develop leaders at all levels. The distinctive leadership framework we call the PwC Professional (http://pwc.to/pwcpro) provides our people with a road map to grow their skills and build their careers. Our approach to ongoing development shapes employees into leaders, no matter the role or job title.
Are you ready to build a career in a rapidly changing world? Developing as a PwC Professional means that you will be ready
- to create and capture opportunities to advance your career and fulfill your potential. To learn more, visit us at www.pwc.com/careers.
It takes talented people to support the US firm of the largest professional services organization in the world. Not all of us work directly with external clients. Some of our best people choose to apply their talents inside PwC.
As part of Internal Firm Services, you're serving an organization on par with many of our external clients. Our Internal Firm Services team consists of first-rate marketers, human resource professionals, computer technologists, knowledge managers, accountants, financial planners, administrators and leaders. Internal Firm Services staff are the people who make it work for the people who make it work for our clients.Job Description
Network Information Security organization is tasked with designing, implementing and maintaining information security capabilities and services for the PwC Network of member firms. The organisation consists of highly skilled information security professionals across the globe that are focused on developing a leading security program across the Network of Firms, to foster clientsâ€™ trust in our ability to secure their most sensitive data, to better position PwC to address clientsâ€™ evolving needs and to harmonize the internal firm security strategy with client services go-to-market strategy. The group is leading PwC's Network Security Transformation Programme, which is a multi-year programme to enhance existing capabilities and build new capabilities to combat the ever more complex cyber threats.
Cyber Security and Data Protection runs cyber capabilities with emphasis on detecting, responding and preventing cyber incidents within the PwC Network of Firms. They also provide vulnerability and application assessments to identify and mitigate risks in IT systems. Capabilities the team will have include security monitoring, vulnerability management, application security, forensics, CSIRT, perimeter security, and data loss prevention.
Cyber Systems delivers exceptional customer service experience across PwCâ€™s global network of firm to reduce operational security risks and lower ongoing costs that result in a defensible network perimeter with secured endpoints. Cyber Systems provides the optics across the Cyber Security & Data Protection infrastructure to identify, assess and recommend risk mitigation tasks and requisite security audit evidence for the firmâ€™s cyber assets. Cyber Systems ensures that critical security configurations are consistently applied and every change is detected and documented across all platforms that comprise PwCâ€™s global cyber assets. Cyber Systems uses a full lifecycle management processes to ensure efficient transition and effective operational processes for PwCâ€™s global cyber assets.Position/Program Requirements
Minimum Year(s) of Experience: 6 years' in Information Technology
Minimum Degree Required: High School Diploma or GED
Degree Preferred: Bachelor's degree in Computer Science or Information Sciences
Certification(s) Preferred: ITIL V3, CCNA, Microsoft Certified Systems Engineer (MSCE), Certified Information Systems Manager (CISM), Certified Information Systems Auditor (CISA) and/or Certified Information Systems Security Professional (CISSP), EnCase Certified Examiner (EnCE), Certified Ethical Hacker (CEH), Global Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), Certified Secure Software Lifecycle Professional (CSSLP)
Demonstrates intimate knowledge of, and/or proven record of success in roles involving, leading various, dynamic security engineering initiatives and teams, preferably for a global network of professional services consulting firms, with emphasis on the following:
- Managing maintenance and support, and conducting analyses of information technology solutions including: firewalls, active directory, Windows Operating Systems, intrusion detection and prevention systems, proxy servers, endpoint forensics, breach indicators, and log aggregation technology;
- Understanding network threats and fundamentals of incident response process and procedures, emphasizing innovation and leveraging knowledge of cyber-attacks, security monitoring and incident response related to knowledge domain and associated tools; and,
- Utilizing security perimeter enforcement, security logging and/or monitoring solutions, i.e. Palo Alto, Checkpoint, Juniper, Cisco, Blue Coat Websense, SNORT, SourceFire, RSA Netwitness, RSA Security Analytics, RSA enVision, RSA ECAT, EnCase Enterprise, FireEye, Firemon, Tufin, McAfee ePO, Bit 9, Avecto, Ionic, SolarWinds, Hadoop, Splunk, and Google Analytics.
Demonstrates intimate abilities, and/or proven record of success, in leading and driving efforts identifying and addressing client needs and providing direction to a high performing IT Security engineering staff, preferably for a global network of professional services firms, emphasizing the following:
- Understanding of stakeholder and change management, and influencing without authority;
- Planning, maintaining and improving security technology such as network packet capture, intrusion detection, security information and event management, and/or endpoint malware/security solutions;
- Learning new security technologies, implementation requirements, and how to integrate security technologies into a larger solution;
- Analyzing new networking solutions, identifying potential security concerns, developing approaches to mitigate identified risks, and work with IT teams to implement recommendations;
- Writing, communicating, facilitating, and presenting cogently; to and/or for all levels of industry audiences, clients and internal staff and management on technical concepts and issues, including translating technical security verbiage into non-technical verbiage for various business leaders;
- Utilizing creative problem solving and multitasking skills to work effectively as part of a team and/or independently, while focusing on researching pertinent technical matters, emphasizing an attention to detail;
- Utilizing the following programming languages or technologies: Hadoop, HIVE, LUA, ESPER, FreeMarker, PIG, HAWQ, SQL, .NET, and/or Powershell;
- Developing tools and programs utilizing programming and/or scripting, especially: Perl, Python, Ruby, Shell, C, C++, Java, and/or VBScript; and,
- Leading security staff, including direct reports, matrix reports, and contractors to create an atmosphere of trust, seeking diverse views to encourage improvement and innovation, answering questions and providing direction to less-experienced staff, coaching staff including providing and accepting timely, meaningful written and verbal feedback.
PwC is a network of firms in 157 countries with more than 184,000 people committed to delivering quality in assurance, tax and advisory services.