Golang Job: Threat Intelligence Analyst

Job added on

Company

PwC

Location

Amsterdam - Netherlands

Job type

Full-Time

Golang Job Details

Operating on a local, regional and global scale, Network Information Security (NIS) is responsible for everything from the definition of our security strategy to hands-on execution of our global Cyber Readiness Program, moving from predominantly local to centralized services. Global Technology is responsible for driving the adoption and operation of global IT services across the organization.

If you are seeking an exciting career with the scope to grow your cyber security and technology skills through major change on a global scale, then NIS and PwC Technology will empower you to do so.

In order to execute against the PwC Technology and NIS agenda, the team is structured into the following Pillars:


  • Chief Technology Risk Office (CTRO)

  • Business Change Technology and Security (BCTS)

  • Chief Technology Office (CTO)

  • Technology and Security Operations (TSO)

  • Chief Admin Office (CAO)

  • CYBER

  • Office of the Chief Information Technology Officer (OCITO)

NIS and PwC Technology are building the first global cyber security and technology function at PwC. Our mission protects 300,000 PwC members across 160 member firms worldwide as well as our global clients.

What does your work look like?

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

A career in Global Technology and Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. The Security Awareness team is responsible for implementing a consistent security awareness programme through influence across the PwC Network of Firms to address risks associated with user behavior. Demonstrates intimate abilities and/or a proven record of success as a team leader in the following areas:

  • Analyzing incidents, attributing incidents to threat types and intrusion sets, extracting intelligence from incident data and malicious code, and supporting Level 3 incident response;

  • Identifying, prioritizing and reporting on external cyber threats relevant to an organization’s industry, geographic and technological footprint;

  • Generating, consuming and exploiting tactical and operational threat intelligence to protect against cyber threats;

  • Reporting findings to multiple levels of management across cultural and geographic boundaries, as well as functional teams impacted by cyber threats;

  • Seeking new, and validating existing, sources of threat intelligence;

  • Providing tactical, operational and strategic recommendations for preventative controls to other security organizations based upon incident response findings and trends in realized threat activity;

  • Coordinating and executing changes to existing instrumentation to better facilitate intelligence collection and utilization goals, applying skills like systems integration, tailored tool development, and informal project management;

  • Developing and advancing tradecraft for the team to follow;

  • Analyzing and organizing information and creatively resolving issues;

  • Facilitating structured analysis, prioritization and reporting of a cyber adversary's intent, opportunity and capability;

  • Writing intelligence reports (strategic, tactical, and/or operational);

  • Owning projects and processes to execute strategy and working autonomously, ensuring they result in sustainable operations and meet self-identified goals;

  • Delegating and inspecting work products;

  • Leading from the front in behaviors as well as skills;

  • Managing stakeholder expectations without oversight;

  • Contributing to the evolution of the team’s strategy;

  • Possessing highly effective oral and written communications, presentation skills and interpersonal abilities; and managing stakeholder relationships.


Who are you?

Demonstrates intimate abilities and/or a proven record of success as a contributor / leader in the following areas:

  • Foundational computing principles like networking, operating systems, and information security concepts;

  • Traditional intelligence tradecraft and concepts (e.g., the Intelligence Cycle, kill chain, diamond model, and MITRE ATT&CK);

  • Structured analytic techniques (e.g., Analysis of Competing Hypotheses);

  • Threat intelligence platforms (e.g., ThreatQ, OpenCTI, MISP, etc.);

  • Security information and event management (SIEM) platforms (e.g., Splunk, Elastic, etc.);

  • Malware sandboxes and repositories (e.g., VirusTotal, VMRay, Hybrid-Analysis, etc.);

  • Detection development (e.g., YARA, KQL, Splunk, etc.);

  • Open source intelligence (OSINT) collection sources, tools, and analysis;

  • Threat actor tactics, techniques, and procedures (TTPs);

  • Development of threat characteristics into intrusion sets;

  • Various classifications of threats (e.g., ransomware and the cybercrime economy) or espionage-motivated threats;

  • Computer forensics and incident response;

  • Meta-analysis, data analysis, trend analysis, and data presentation;

  • Malware reverse engineering fundamentals;

  • Command and control frameworks (e.g., Cobalt Strike, Sliver, etc.);

  • Programming (e.g., C, Python, Golang, Rust, etc.);

  • Application programming interfaces (APIs);

  • SIEM experience (Splunk preferred);

  • Network protocols (OSI layers 3-5);

  • Basic programming (Python preferred);

  • Incident response processes;

  • Application of basic intelligence models (e.g., the Intelligence Lifecycle, intrusion kill chain, diamond model, analysis of competing hypotheses) and related structured analytic techniques;

  • Current cyber threats and adversary tools, techniques and procedures; and,

  • Enterprise Threat Intelligence Platform technology experience.

What can we offer you?

  • Many training sessions and courses that contribute to your personal and professional development;

  • An appropriate salary and extensive employment benefits. These benefits include a 'well-being budget'. This is a personal yearly budget of €1000,- that you can spend on your health, e.g., mindfulness, sports, lifestyle coaching, a second screen for your home office and noise cancelling headphones;

  • Monthly internet allowance;

  • A lease car or car allowance, laptop and an iPhone;

  • 32 holiday days per year;

  • Informal and interesting (virtual) events with colleagues.


Apply now!


Are you interested in this vacancy and do you meet the requirements? Apply directly by clicking the button. We would like to receive your resume and cover letter. In addition, be aware that performing an assessment can be part of the application process. If you have any questions about the vacancy, please contact our Recruiter Anamika Ranjan.

Please note: direct applications only, no recruiters.