Join to apply for the Incident Response Manager role at PwC UK
Our Incident and Threat Operations services are central to this. We support PwC’s clients in crisis across our global network to respond, remediate and recover from a wide variety of cyber attacks. We also support clients in developing detection engineering and threat hunting strategies for modern SecOps environments, and engineer automation and orchestration playbooks to streamline detection and response activities. We design playbooks for investigation, response, and recovery.
We are assured by the UK NCSC under its Enhanced Cyber Incident Response scheme, to respond to sophisticated attacks on networks of national significance. Our investigation work spans cyber crime, corporate espionage and state affiliated threat actors. Our Incident and Threat Operations practice works closely with PwC’s front-line technical teams to deliver an end-to-end incident response capability to clients, including our global threat intelligence team, threat hunting team and ethical hacking practice. We also work with PwC’s crisis coordination team to provide support to clients at all levels of their organisations.
Responsibilities
* Perform high quality technical analysis, helping our clients understand what happened during a cyber security incident or data breach. Produce high-quality output in a variety of formats, from daily update briefs to full technical investigation reports.
* Support technical activities such as behavioural detection content creation in support of SecOps modernisation and orchestration engagements.
* Work alongside client teams and ensure we manage risk appropriately throughout the project lifecycle, following PwC’s processes for client and engagement acceptance.
* Manage client engagements: acting as the key point of contact for client technical teams, setting daily direction for PwC’s technical teams, and being accountable for the technical excellence of our delivery.
* Provide mentoring and oversight to the incident response practice to help the team grow and develop.
* Collaborate and build relationships with PwC’s wider Cyber Security practice, sharing insights gained from responding to incidents and helping other teams win and deliver work.
* Play a role in PwC’s global incident response community to support knowledge sharing, practice development and collaboration with global colleagues. Assist other PwC teams including crisis, external audit and eDiscovery with cyber subject matter expertise.
This role is for you if you have the following experience
* A robust understanding of, and recent hands-on experience with two or more of the following:
* Digital forensics and technical incident response
* Enterprise security operations capabilities and tooling
* Addressing detection coverage in EDR/SIEM solutions for ATT&CK TTP gaps
* Enterprise IT networks and Active Directory
* Cloud services such as Microsoft 365, Azure, GCP, and AWS
* A keen eye for detail, and the ability to solve challenging technical problems. The capability to explain technical findings to a variety of audiences, including non-technical individuals. An understanding of threat actors and techniques used to compromise organisations.
* The ability to build relationships with colleagues, PwC and clients. Training and mentoring other team members in both technical and soft skills.
* Familiarity with, or experience delivering, incident readiness and preparedness services, such as tabletop exercises, threat briefings, incident playbooks or runbooks, and capability gap analysis.
* Acting as the investigation lead for small to medium sized cyber incidents, including overseeing the work of other team members. Scoping solutions for clients, for both preparatory and emergency work, and leading the response to client requirements.
Seniority level
* Mid-Senior level
Employment type
* Full-time
Job function
* Information Technology
Industries
* Professional Services
Referrals increase your chances of interviewing at PwC UK by 2x
#J-18808-Ljbffr