Manager, Cybersecurity Incident Monitoring

Manager, Cybersecurity Incident Monitoring

PwC

We are a community of solvers combining human ingenuity, experience and technology innovation to help organisations build trust and deliver sustained outcomes.

Line of Service: Advisory

Industry/Sector: Not Applicable

Specialism: Managed Services

Management Level: Manager

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks.

Meaningful work you’ll be part of

As a Manager, Cybersecurity Incident Monitoring, you’ll work as part of a team of problem solvers, helping to solve business issues, deliver high quality client service and operational efficiency. Responsibilities include but are not limited to:

• Main point of contact for escalations and True positive incidents.
• Oversee the level 2 senior security analysts' team and ensure they perform advanced analysis and investigation of security incidents detected by the level 1 security analysts or the security tools.
• Provide guidance and support to the level 2 senior security analysts and assist them with troubleshooting, escalation, and resolution of complex or critical security issues.
• Coordinate with the level 2 security analysts and other teams for incident response and recovery activities and ensure the implementation of appropriate countermeasures and remediation actions.
• Review and validate the security incident reports and recommendations prepared by the level 2 senior security analysts and ensure they meet the quality and accuracy standards.
• Conduct quality assurance and reviews of the security incident reports and recommendations and provide constructive feedback and improvement suggestions to the level 2 senior security analysts.
• Coordinate with the level 2 security analysts and other teams for complex or high-severity incidents that require further investigation or remediation.
• Conduct performance evaluation and feedback sessions for the level 2 senior security analysts and identify their training and development needs and opportunities.
• Design and deliver training and mentoring programs for the level 2 senior security analysts and ensure they acquire and maintain the relevant skills and certifications.
• Collaborate with the clients and stakeholders and provide strategic and technical advice on security incidents and services and ensure customer satisfaction and retention.
• Monitor and report on the key performance indicators and metrics of the level 2 senior security analyst team and ensure they meet the service level agreements and objectives.
• Work closely with shift leads and have a regular touch point with them on the daily report of security operations metrics, KPIs, and SLAs and find a solution to identified gaps.
• Touchpoint with L2 leads to make sure they are facilitating regular meetings and training sessions for the level 1 security analysts' team to keep them updated on the security tools, latest security threats, trends, and best practices.
• Participate in calls with client stakeholders throughout the months (monthly, quarterly, bi-weekly, Threat Hunting, etc.).

Experiences and skills you’ll use to solve

• A bachelor's degree in a relevant area of study with a preference for Computer Science or Computer Engineering.
• Industry certifications (CISSP/GIAC suite/EC-Council) are an asset.
• Minimum of 6 years in Information Technology.
• Minimum of 4 years in Information Security.
• Proficient in Incident Response and Management.
• Knowledge of various security tools (e.g. SIEM, EDR, etc.) as well as operating system flavors including but not limited to Windows, Linux, Unix.
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
• Experience in MSSP environment.
• Knowledge of applications, databases, middleware to address security threats.
• Proficient in preparation of reports, dashboards and documentation.
• Excellent communication and leadership skills.
• Experience in performing vendor management.
• Ability to handle high pressure situations with key stakeholders.
• Good Analytical skills, Problem solving and Interpersonal skills.
• CISSP and GIAC certifications preferred.

Why you’ll love PwC

We’re inspiring and empowering our people to change the world. Powered by the latest technology, you’ll be a part of diverse teams helping public and private clients build trust and deliver sustained outcomes. This meaningful work, and our continuous development environment, will take your career to the next level. We reward your impact, and support your wellbeing, through a competitive compensation package, inclusive benefits and flexibility programs that will help you thrive in work and life.

PwC Canada acknowledges that we work and live across Turtle Island, on the land that is now known as Canada, which are the lands of the ancestral, treaty and unceded territories of the First Nations, Métis and Inuit Peoples. We recognize the systemic racism, colonialism and oppression that Indigenous Peoples have experienced and still go through, and we commit to allyship and solidarity.