4 months ago
You’ll be joining the Cyber Threat Operations team at PwC with responsibility for wide-ranging security architecture research, design and implementation in relation to threat mitigation and intrusion containment, working closely with our leading threat intelligence and incident response teams and the services they provide to our global client base.
Our Cyber Threat Operations practice is PwC’s front-line technical services group, responsible for the development, management and execution of a portfolio of blue and red team services to our global clients. We provide subscription and bespoke threat research services, short-term and managed endpoint and network threat hunting services, incident response and readiness services, and adversary emulation.
As part of the role, you’ll be working across these teams to help design mitigation strategies for the adversary techniques our intelligence team are researching or which our red team are exploiting. You’ll also be working closely with the incident response team to architect containment strategies and evict a wide range of threat actors from client networks of all sizes. You will be able to devote time to researching and testing new security controls, and have the opportunity to share your expertise publicly at conferences, in white papers, our intelligence research, and in client briefings.
We’re looking for passionate, creative individuals who live and breathe the following topic areas:
Windows and Active Directory security fundamentals in the context of enterprise networks, and best practices to limit propagation of malware and adversary lateral movement in those environments and related environments (e.g. Office 365).
Researching and making use of the increasingly sophisticated security control and monitoring capabilities embedded in the latest Microsoft desktop and server operating system releases and AD Forest functional levels;
Small things which make major impact – being able to identify, architect and implement small, incremental control changes to existing IT environments in order to help clients mitigate or recover from classes of malicious activity (e.g. self-propagating ransomware); and,
The automation and orchestration of intelligence ingestion, detection and response actions in enterprise IT environments and the ability to work alongside teams to design defensible IT environments and inform detection and response strategies.
Involvement in incident response engagements to recommend tactical security control enhancements and mitigation strategies in order to contain network intrusions;
Input into technical security strategy advice being provided to PwC clients on long-term security architecture and transformation engagements;
Rapid prototyping and testing of the effectiveness of security controls against emerging threats (e.g. NotPetya outbreaks);
Evangelise security mitigation strategies (blogs, speaking events, whitepapers, internal training) aligned to real world threat activity being researched or responded to by our blue teams;
‘Bridging’ activities between red and blue teams and architecting test environments to prove the effectiveness of mitigation techniques against our red team;
Working with our red team to build “typical” control test environments for working on advanced exploitation techniques;
Collaborate with internal technology operations teams to recommend architectural and control enhancements for our internal red and blue team environments;
Subject matter expert on AD security configuration best practices, LAPS, Microsoft ATP solutions, Credential Guard, Device Guard etc.
Enhance the depth of control mitigations coming out of our red team activities to help drive the value of these services.
Assurance is a dynamic place to be right now, and the variety of opportunities on offer is unprecedented. It’s work that really does matter. It matters for businesses, governments and society at large. Our team provides confidence on the most complex decisions companies have to take and this provides a wealth of opportunities to everyone who joins us and works with us.
The skills we look for in future employees
All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, ‘The PwC Professional’ and are made up of five core attributes; whole leadership, technical capabilities, business acumen, global acumen and relationships.
We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool, as well as those who reflect the diverse nature of our society. And we aim to encourage a culture where people can be themselves and be valued for their strengths. Creating value through diversity is what makes us strong as a business and as an organisation with an increasingly agile workforce, we're open to flexible working arrangements where appropriate.