This job posting has expired.

Cyber Threat Detection & Response - London - London

Reference: ADV02862
Location: London
Service: Advisory (Deals)
Specialism: Forensic Services
Industry: Cyber Security
Who we're looking for
As the world's largest firm of professional advisors, PwC is trusted by global corporations and consulted on their most sensitive issues.
Our rapidly growing Cyber Threat Detection & Response practice specialises in providing the technology skills required to help clients resist, detect and respond to advanced cyber attacks. This includes crisis events such as data breaches, economic espionage and targeted intrusions, including APT.
In the UK alone, we have more than 85 forensic technology practitioners working from dedicated, secure laboratories in London, Birmingham, Leeds and Belfast, as well as from client sites in the UK and internationally.
Our ongoing growth means that we are seeking to hire core team members with a wide variety of skills and experience to complement our existing subject matter experts. If you believe you can demonstrate a number of requirements below and are seeking a fresh and cutting-edge challenge then get in touch.
You could be responsible for unpicking breach indicators from live memory captures, deploying host and network monitoring agents across an enterprise or reverse engineering custom malware samples pulled from network packet captures. You may be coordinating a team investigating a targeted intrusion, developing and selling new professional service offerings or communicating the extent of a breach to a FTSE 100 CISO and designing a remediation plan.
This position is based in London; however, some opportunities can involve team members working at other PwC and client sites both inside the UK and internationally.
About the role
You will form a core part of the team responsible for the development, management and execution of PwC's Cyber Security services portfolio for our global client base. Because we operate in cross-border environments where speed of response and technical agility are often critical to our clients, we are constantly innovating and drawing on cutting-edge technology partnerships. We will expect you to be at the heart of that innovation.
Your responsibilities may include:
• Understanding, mapping and navigating complex IT environments, selecting and deploying appropriate techniques and tools to quickly triage a compromised environment and correlate data from multiple sources to evaluate the scope and impact of a breach
• Supporting our customers in proactively planning for and defending against a variety of cyber threats using both commercial and custom technology and threat intelligence sources
• Forensically securing, preserving and capturing volatile or physical disk data from workstations, laptops, servers and network infrastructure devices; ensuring that the evidential integrity of the data is not compromised
• Performing in-depth forensic analysis on captured logs, network traffic pcaps, volatile memory or host images to identify and trace breach indicators and develop actionable threat intelligence
• Drafting reports and presentations to explain our findings and recommendations.
• Researching and developing new procedures, scripts, tools and techniques to continually refine and update our incident response processes
If you are naturally inquisitive, have an investigative mind and get a thrill from solving problems in crisis situations, we are interested in talking to you. We expect you will already be recognised amongst your peers or in the industry because of your proven ability in several of the following areas:
• Development and curation of APT and targeted attack intrusion sets along with campaign research and tracking experience
• The development and application of technical threat intelligence in the cyber attack lifecycle, the management of multi-source threat intelligence fusion and production of technical intelligence reports
• Strong senior client relationships, a proven history of supporting cyber security initiatives and successful security consulting sales
• Deep knowledge of Windows system internals and ability to identify common indicators of compromise from dead or live systems and live memory using tools such as the SysInternals suite, RegRipper, Volatility, HBGary Responder or Mandiant Redline
• Experience of gleaning and analysing security information from enterprise network and host based sensors, such as IDS/IPS systems, HIDS, SIEMs, AD controllers and firewalls
• Expertise analysing raw network traffic captures or deployment and use of network forensics or monitoring devices such as FireEye, Solera, SNORT or Netwitness
• Consulting experience deploying and using enterprise products such as HBGary Active Defense, Mandiant MIR or EnCase Cybersecurity
• Knowledge of malware analysis and sandboxing with applications like Wireshark, CaptureBAT or Cuckoo Sandbox and the ability to reverse engineer and debug malware samples using tools such as IDA Pro, Responder Pro or OllyDbg, including defeating anti-debugging, packing and obfuscation techniques
• Knowledge of scripting languages such as Python, Perl or PowerShell and their use in forensic analysis & live incident response, or experience using other programming languages to develop software for host-centric, network-centric or log-centric security analysis
• Highly skilled in forensic capture & investigation tools such as EnCase, X-Ways, SIFT or F-Response
• The ability to think clearly under pressure and coordinate with client subject matter experts in order to devise innovative data capture protocols and procedures that will maintain evidential continuity, whilst not adversely affecting business continuity.
While not prerequisites, the following criteria will be advantageous:
• Well versed in current ACPO Guidelines and evidential continuity best practice including chain of custody
• Active SC or DV security clearance
• Any of the following, or similar, certifications:
  • EnCase Certified Examiner (EnCE)
  • AccessData Certified Examiner (ACE)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Reverse Engineering Malware (GREM)
To be successful in this role you will need to demonstrate the following:
• The ability to suggest creative solutions to complex problems;
• Exceptional analytical and technical aptitude;
• The ability to manage time, prioritise tasks and work under tight deadlines;
• The ability to work independently with little supervision, but integrate well into teams;
• Concise and clear communication when presenting and explaining results and findings;
• A strong desire to learn and willingness to share knowledge.
The skills we look for in future employees.
All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, 'The PwC Professional'.

The PwC Professional focuses on five core attributes: whole leadership, technical capabilities, business acumen, global acumen and relationships. We use this framework to recruit, develop and assess our people, at all grades and all areas of our business, because we expect all of our people to be leaders.

We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool as well as those who reflect the diverse nature of our society. And we aim to encourage a culture where people can be themselves and be valued for their strengths. Creating value through diversity is what makes us strong as a business.
As an organisation with an increasingly agile workforce, we're open to flexible working arrangements where appropriate.
Place of work: London
Category: Work abroad
Region: Abroad