Cybersecurity, Privacy and Forensics - Cyber Incident Response - Sr Associate

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe. The Cyber Incident Response team focuses on supporting some of the world's largest brands by helping to enhance their threat detection and response capabilities in light of a dynamic threat environment. Every day we help our clients prevent, detect, and respond to advanced cyber attacks, technology disruptions, and insider threats by conducting root cause and intrusion investigations, proactive threat hunts, and by helping clients prepare, respond, and recover from external and internal threat actors. Our team partners with clients to help them understand the operational security controls needed to detect and prevent compromises. Additionally, as a core member of PwC's Global Threat Intelligence network we have real time insights into a diverse set of threat actors and are on the cutting edge of cybersecurity.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Use feedback and reflection to develop self awareness, personal strengths and address development areas.
• Delegate to others to provide stretch opportunities and coach to help deliver results.
• Develop new ideas and propose innovative solutions to problems.
• Use a broad range of tools and techniques to extract insights from from current trends in business area.
• Review your work and that of others for quality, accuracy and relevance.
• Share relevant thought leadership.
• Use straightforward communication, in a structured way, when influencing others.
• Able to read situations and modify behavior to build quality, diverse relationships.
• Uphold the firm's code of ethics and business conduct.

Job Requirements and Preferences:
Basic Qualifications:
Minimum Degree Required:
Bachelor's Degree
Preferred Field(s) of Study:
Computer and Information Science,Computer Applications,Computer Engineering,Forensic Science,Management Information Systems
Minimum Year(s) of Experience:
3 year(s)
Certification(s) Preferred:
GIAC including GCFA, GCFE, GREM, GNFA, GCCC, or GCIA;
Preferred Qualifications:
Degree Preferred:
Master's Degree
Preferred Knowledge/Skills:
Demonstrates thorough abilities and/or a proven record of success in the following areas:

• Possessing experience and familiarity with leading Endpoint Detection and Response tools (e.g. Defender, Carbon Black, Sentinel One, CrowdStrike);
• Understanding of either Microsoft Azure, AWS or Google Cloud; particularly around risk-based authentication, privileged access management;
• Understanding of key IT infrastructure products, including Active Directory;
• Applying incident handling processes including preparation, identification, containment, eradication, and recovery to protect enterprise environments;
• Understanding of common attack techniques performed by threat actors, including identity-based attacks, choosing appropriate defenses and response technique for each;
• Analyzing the structure of common attack techniques in order to evaluate an attacker's spread through a system and network, anticipating and thwarting further attacker activity;
• Acquiring infected machines and then detecting the artifacts and impact of exploitation through log analysis;
• Deriving and pivoting off Indicators of Compromise (IOCs) from malicious executables to strengthen incident response and threat intelligence efforts;
• Identifying artifact and evidence locations to answer critical questions, including application execution, file access, data theft, external device usage, cloud services, anti-forensics, and detailed system usage;
• Hunting and responding to advanced adversaries such as nation-state actors, organized crime, and hacktivists;
• Detecting and hunting unknown live, dormant, and custom malware across multiple Operating System in an enterprise environment;
• Targeting advanced adversary anti-forensics techniques like hidden and time-stomped malware, along with utility-ware used to move in the network and maintain an attacker's presence;
• Experience utilizing and contributing to knowledge management systems such as confluence as part of a technical team;
• Tracking user and attacker activity second-by-second on the system via in-depth timeline and super- timeline analysis; and,
• Identifying lateral movement and pivots within client enterprises, showing how attackers transition from system to system without detection.

Demonstrates thorough abilities and/or a proven record of success in the following areas:

• Network Analysis, Cyber Forensics Evidence Collection, Endpoint Analysis, Cyber Incident Lifecycle, NIST 800-61; and,
• Programming Languages such as Python, and PowerShell Demonstrates experience with at least one of the following tools including: X-Ways, Rekall, Volatility, EnCase, Remnux, IDA, Capture. Bat, RegShot, Radare, OllyDbg, Wireshark, Network Miner, NFdump, SentinelOne, CarbonBlack, Cylance PROTECT, and PLASO/Log2Timeline, FireEye HX, and CrowdStrike.

Learn more about how we work: https://pwc.to/how-we-work
PwC does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: https://pwc.to/H-1B-Lottery-Policy.
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.
Applications will be accepted until the position is filled or the posting is removed, unless otherwise set forth on the following webpage. Please visit this link for information about anticipated application deadlines: https://pwc.to/us-application-deadlines
The salary range for this position is: $84,000 - $202,000, plus individuals may be eligible for an annual discretionary bonus. Actual compensation within the range will be dependent upon the individual's skills, experience, qualifications and location, and applicable employment laws. PwC offers a wide range of benefits, including medical, dental, vision, 401k, holiday pay, vacation and more. To view our benefits at a glance, please visit the following link: https://pwc.to/benefits-at-a-glance