25 days old

Cyber Incident Response Experienced Associate

Washington, DC 20001
PwC/LOS Overview
PwC is a network of firms committed to delivering quality in assurance, tax and advisory services.

We help resolve complex issues for our clients and identify opportunities. Learn more about us at www.pwc.com/us.

At PwC, we develop leaders at all levels. The distinctive leadership framework we call the PwC Professional (http://pwc.to/pwcpro) provides our people with a road map to grow their skills and build their careers. Our approach to ongoing development shapes employees into leaders, no matter the role or job title.

Are you ready to build a career in a rapidly changing world? Developing as a PwC Professional means that you will be ready
- to create and capture opportunities to advance your career and fulfill your potential. To learn more, visit us at www.pwc.com/careers.

PwC Advisory helps our clients with their most challenging imperatives from strategy through execution. We combine the breadth of knowledge of over 48,000 global professionals with deep industry knowledge to deliver custom solutions for our clients. We work with the world's largest and most complex companies and understand the unique business issues and opportunities our clients face.

Job Description
As we aim to rapidly grow our Cybersecurity and Privacy practice, we are looking for consultants who are passionate about how strategy and technology can improve the role of cybersecurity, privacy and data protection in our digital world.

We are looking for consultants with extensive consulting, technological and industry experience who will help our clients solve their complex business issues from strategy through execution. A Cybersecurity and Privacy consulting career will provide the opportunity to grow and contribute to our clients' business issues every day, applying a collection of information and Cyber security capabilities, including security and privacy strategy and governance, IT risk, security testing, technology implementation/operations, and cybercrime and breach response.

Our Incident and Threat Management services help clients perform assessments and prepare for and respond to the tactical and strategic impacts of cybersecurity incidents. We assist in understanding the unique threats to clients organizations through analysis of the threat landscape; we also leverage government, law enforcement, and peer resources to more effectively combat threats through information-sharing opportunities such as ISAOs and information-sharing models.

Position/Program Requirements
Minimum Year(s) of Experience: 1

Minimum Degree Required: Bachelor's degree

Knowledge Preferred:

Demonstrates some knowledge and/or a proven record of success in the following areas:

- Current FRCP Guidelines and evidential continuity of industry leading practices including chain of custody;

- The development and application of technical threat intelligence in the cyber attack lifecycle, the management of multi-source threat intelligence fusion and production of technical intelligence reports;

- Windows system internals and ability to identify common indicators of compromise from dead or live systems and live memory using tools such as the SysInternals suite, RegRipper, Volatility, HBGary Responder or other live response tools;

- Dynamic and static malware analysis and sandboxing with the ability to reverse engineer and debug malware samples using tools such as IDA Pro, Responder Pro or OllyDbg, including defeating anti debugging, packing and obfuscation techniques; and,

- Scripting languages such as Python, Perl, or PowerShell and their use in forensic analysis & live incident response, or experience using other programming languages to develop software for host-centric, network-centric or log-centric security analysis.

Skills Preferred:

Demonstrates some abilities and/or a proven record of success in the following areas:

- Supporting our customers in proactively planning for and defending against a variety of cyber threats using both commercial and custom technology and threat intelligence sources;

- Performing in-depth forensic analysis on captured logs, network traffic collections, volatile memory or host images to identify and trace breach indicators and develop actionable threat intelligence;

- Forensically securing, preserving, and capturing volatile or physical disk data from workstations, laptops, servers, and network infrastructure devices thereby establishing that the evidential integrity of the data is not compromised;

- Drafting reports and presentations to explain our findings and recommendations;

- Researching and developing new procedures, scripts, tools, and techniques to continually refine and update our incident response processes;

- Developing and curating APT and targeted attack intrusion sets along with campaign research and tracking experience;

- Gleaning and analysing security information from enterprise network and host based sensors, such as IDS/IPS systems, HIDS, SIEMs, AD controllers, and firewalls;

- Analyzing raw network traffic captures or deployment and use of network forensics or monitoring devices such as Suricata, Sguil,

SQueRT, SNORT, and other vendor specific tools;

- Deploying and using enterprise EDR products such as Tanium, Crowdstrike, EnCase Cybersecurity, Fidelis, Damballa, FireEye
Forensic capture, & investigation tools such as EnCase, AccessData, X-Ways, SIFT, Security Onion, or F-Response;

- Mapping and navigating complex IT environments, selecting and deploying appropriate techniques and tools to quickly triage a compromised environment, correlating data from multiple sources to evaluate the scope, and impact of a breach; and,

- Coordinating with client subject matter specialists in order to devise innovative data capture protocols and procedures that will maintain evidential continuity, whilst not adversely affecting business continuity.


Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Cyber Incident Response Experienced Associate

Washington, DC 20001

Share this job

Cyber Incident Response Experienced Associate

Washington, DC

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast