Senior Associate - Cybersecurity SIEM Azure Sentinel

About the job

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe. The Threat Detection team works with clients to detect cyber threats, identify malicious activity that could compromise the network and help with mitigation efforts before the threat can present vulnerabilities. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: • Use feedback and reflection to develop self awareness, personal strengths and address development areas. • Delegate to others to provide stretch opportunities, coaching them to deliver results. • Demonstrate critical thinking and the ability to bring order to unstructured problems. • Use a broad range of tools and techniques to extract insights from current industry or sector trends. • Review your work and that of others for quality, accuracy and relevance. • Know how and when to use tools available for a given situation and can explain the reasons for this choice. • Seek and embrace opportunities which give exposure to different situations, environments and perspectives. • Use straightforward communication, in a structured way, when influencing and connecting with others. • Able to read situations and modify behavior to build quality relationships. Positional Requirement Minimum of 4-9 years of prior experience in Azure Sentinel solutions as a SIEM solutions & Logic apps as SOAR Solutions Key Responsibilities • SIEM and Log Onboarding • Design, implement, and manage log onboarding for a wide range of sources (firewalls, cloud services, EDR, etc.) • Create advanced detection use cases in SIEM platforms (e.g., Microsoft Sentinel). • Develop and optimize Kusto Query Language (KQL) queries for threat detection and hunting. • SOAR Integration and Automation • Design and deploy automated workflows to streamline triage, containment, and response using SOAR platforms (e.g., Palo Alto XSOAR, Microsoft Sentinel SOAR). • Maintain and enhance playbooks and integrations for alert enrichment, ticketing, and incident response. • Endpoint and Extended Detection & Response • Configure and manage EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender XDR). • Analyze endpoint telemetry to detect and respond to sophisticated threats. • Cloud Security & Azure Expertise • Implement cloud-native security controls across Microsoft Azure. • Apply Azure security best practices including RBAC, NSGs, Key Vault, Defender for Cloud, and Azure Policies. • MITRE ATT&CK & Threat Intelligence • Develop and maintain detection coverage mapped to the MITRE ATT&CK framework. • Integrate threat intelligence feeds for proactive hunting and enrichment. • Generative AI in Security • Explore and implement Generative AI models to enhance detection logic, log summarization, and threat triage. • Security Monitoring and Incident Response • Conduct proactive technical analyses post-incident to improve operational effectiveness and response efficiency. Professional and Educational Background • Bachelor's Degree Preferred. Required Qualifications • Bachelor's or master's degree in relevant field. • A grasp of the IT/OT Threat Landscape. • Strong hands-on experience with SIEM (especially Microsoft Sentinel), SOAR, and EDR/XDR. • Advanced proficiency in KQL and skills in PowerShell, or Python scripting would be a significant asset. • Solid understanding of cloud platforms, especially Microsoft Azure. • Hands-on experience or strong interest in Microsoft Azure security solutions, particularly Azure Sentinel, including developing detection rules and automations using Kusto Query Language (KQL). • Familiarity with CASB platforms and cloud log analysis. • Knowledge of security frameworks such as MITRE ATT&CK, NIST, and CIS Benchmarks. • Exposure to Generative AI models and tools is a plus. • Relevant certifications such as AZ-500, SC-200, SC-100 or equivalent preferred. • Effective communication skills, allowing you to articulate security issues to peers, stakeholders, and clients.

Requirements

• Cybersecurity
• Azure Sentinel
• SIEM
• Kusto Query Language (KQL)
• SOAR
• EDR/XDR
• Cloud Security
• Azure Security
• Generative AI

Qualifications

• Bachelor's or master's degree in relevant field
• Experience with SIEM
• Experience with SOAR
• Experience with EDR/XDR

Preferred Technologies

• Cybersecurity
• Azure Sentinel
• SIEM
• Kusto Query Language (KQL)
• SOAR
• EDR/XDR
• Cloud Security
• Azure Security
• Generative AI