Cybersecurity Incident Manager

About The Position

Requirements

• A bachelor's degree in a relevant area of study with a preference for Computer Science or Computer Engineering.
• Minimum of 6 years in Information Technology and minimum of 4 years in Information Security.
• Proficient in Incident Response and Management.
• Knowledge of various security tools (e.g. SIEM, EDR, etc.) as well as operating system flavors including but not limited to Windows, Linux, Unix.
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
• Knowledge of applications, databases, middleware to address security threats; Proficient in preparation of reports, dashboards and documentation.
• Excellent communication and leadership skills and experience in performing vendor management.
• Ability to handle high pressure situations with key stakeholders and good Analytical skills, Problem solving and Interpersonal skills
• As a requirement, a Security Clearance is mandatory for all staff who’ll be engaged on these assignments. Prior to applying, please review the Government of Canada website to ensure you meet the eligibility requirements to obtain this clearance. This’ll become a condition of your employment with PwC should you receive an offer from us.

Nice To Haves

• Industry certifications (CISSP/GIAC suite/EC-Council) are an asset.
• Experience in MSSP environment.

Responsibilities

• Serve as the escalation contact for confirmed and high-impact incidents.
• Oversee technical investigations and coordinate response activities across multiple teams.
• Take technical ownership of the level 2 senior security analysts' team, ensuring advanced analysis and investigation of security incidents identified by level 1 security analysts or security tools.
• Provide guidance and assistance to level 2 senior security analysts with troubleshooting, escalation, and resolution of complex or critical security issues.
• Coordinate incident response and recovery actions with level 2 security analysts and other teams, ensuring appropriate countermeasures and remediation steps are implemented.
• Review and validate security incident reports and recommendations from level 2 senior security analysts to confirm quality and accuracy standards are met.
• Conduct quality assurance reviews of incident reports and provide feedback and suggestions for improvement to level 2 senior security analysts through regular interactions with the QA lead/team.
• Collaborate with level 2 security analysts and other teams regarding complex or high-severity incidents requiring further investigation or intervention.
• Conduct performance evaluations and feedback sessions for level 2 senior security analysts and identify areas for training and development.
• Develop and deliver training and mentoring programs for level 2 senior security analysts to support relevant skills acquisition and certification maintenance.
• Work with clients and stakeholders to offer strategic and technical guidance on security incidents and services, promoting customer satisfaction and retention.
• Monitor and report on key performance indicators and metrics for the level 2 senior security analyst team, confirming service level agreements and objectives are achieved.
• Maintain regular communication with shift leads to review daily security operations metrics, KPIs, and SLAs, addressing any identified gaps.