As global game changers, our experts play big. Match your curiosity with continuous opportunities to learn, grow and make an impact. Join PwC and be a game changer.
PwC is a powerful network of over 250,000 people across 158 countries, all committed to delivering quality in Assurance, Tax, Advisory & Technology services.
About the role
This role will take the lead on conducting cybersecurity incident response investigations on behalf of a wide variety of clients from various industries.
Within the role you will have scope to be involved in all aspects of incident response activities and in the further development of the team and incident response services. You will be part of a wide cyber security team and cooperate with other team members.
Our perfect candidate should have hands-on experience in handling major cyber security incidents.
Incident Response Manager
Responsibilities
- Lead cyber security incident response service and develop the incident response delivery team;
- Work with PwC clients to deliver Cyber Incident Investigation and Response services;
- Advise clients on building incident response and crisis management plans and improving their cyber incident readiness, covering incident response training, playbook development, and guiding clients through the implementation of response and containment procedures;
- Present technical material in a clear organized briefing to both technical and non-technical personnel;
- Determine the extent of the compromise, the attributes of malware and the data possibly exfiltrated;
- Maintain current knowledge of tools and best practices relating to advanced persistent threats, the tools, techniques, and procedures of attackers, and forensics and incident response;
- Perform cyber threat monitoring/hunting to detect signs of compromise or malicious activity in our clients’ IT environments;
- Contribute to the development of policies, standards and guidelines for incident response;
- Work with the local countries, businesses and regions to identify key resources that can assist in the cyber security incident response.
Requirements
- Self-motivated and able to demonstrate a passion for this type of work;
- Minimum 3 years of experience in an analytical role as a network forensics analyst, threat analyst, incident responder or security engineer/consultant;
- Demonstrates knowledge and experience in incident handling processes, including preparation, identification, containment, eradication, and recovery to protect enterprise environments;
- Demonstrates thorough abilities and/or a proven record of success in the following areas: Network Analysis, Memory Analysis, Endpoint Analysis, Cyber Incident Lifecycle;
- Qualification in Incident Response and Forensics such as GCFA, GCFE, GREM, GCIH, CHFI, ECIH, Certified Network or Host Intrusion Analyst is desirable;
- Good English language skills (spoken and written);
- Ability to work under time pressure;
- Broad IS technology knowledge;
- Knowledge of EDR-class tools, e.g. FireEye HX, Tanium, Carbon Black;
- Knowledge of current threat & attack vectors;
- Experience in log analysis of firewalls, proxy servers, operating systems, databases;
- Report writing skills;
- Ability to explain complex technical issues to non-technical personnel.
What we offer
- Participation in international projects;
- Development of technical skills through working with SMEs from different industries;
- Development of expert knowledge through participation in training delivered by solution producers, events and industry conferences;
- Ability to develop skills in the field of incident response and malware analysis, working in a dedicated lab environment;
- Clear career development path;
- Private medical care for employees and their families;
- A rich package of social benefits (including Multisport card);
- Convenient location in Warsaw city centre.