Threat Hunting and Incident Handling Senior Associate

About The Position

Requirements

• Experience in Cyber Intelligence or threat hunting, with a strong preference on those who have consulting experience in a Big 4 or similar
• Direct prior experience with core security technologies such as security information and event monitoring systems (SIEM), vulnerability scanners, anti-virus solutions and EDRs
• Strong knowledge of threat intelligence and threat hunting
• Knowledge of technical security controls and mitigations
• Good working knowledge of one or more of the following topics: Common security threats, industry best practices, security technologies, advanced endpoint analytics
• Knowledge of the MITRE framework
• Knowledge of common security threats, industry best practices, security technologies
• Strong knowledge of threat intelligence utilization.
• Execution of vulnerability assessments and penetration testing (application, networks and infrastructure)
• Able to clearly articulate technical vulnerabilities, issues and translate into business impacts and risks to senior stakeholders
• Security+ or equivalent foundational cybersecurity certification
• SC-200 or equivalent security operations certification
• AZ-500 or equivalent cloud security certification
• GCIH, GCIA, or other incident response focused certification
• Relevant vendor training in SIEM, EDR, or threat detection platforms
• Enhanced Security Clearance is mandatory for all personnel assigned to these roles.
• Obtaining this clearance will be an employment condition should you receive an offer from PwC.

Nice To Haves

• Consulting experience in a Big 4 or similar

Responsibilities

• Support incident response activities by assisting with investigation, containment, and documentation tasks.
• Contribute to threat hunting activities and continuously develop technical skills and knowledge.
• Assist in executing threat hunting exercises and analyzing suspicious activity across environments.
• Help improve cyber defense processes, detections, and documentation for future operations.
• Use established tools and procedures to help identify, analyze, and respond to cybersecurity threats in real time.
• Monitor network traffic, system logs, and other data sources to detect suspicious activities and escalate as needed.
• Support coordination with automation teams, including SOAR-related workflows and response processes.
• Support response efforts for security incidents through timely triage, investigation, mitigation assistance, and documentation.
• Follow established incident response plans and procedures, and contribute suggestions for improvement.
• Gather and analyze threat intelligence from various sources to proactively identify potential threats and vulnerabilities.
• Stay updated on the latest threat trends, tactics, techniques, and procedures (TTPs) used by adversaries.
• Develop comprehensive reports and documentation on threat activities, incident responses, and security measures.
• Communicate findings and recommendations clearly to team members and relevant stakeholders.
• Work closely with other cybersecurity teams, such as SOC analysts, forensic investigators, and vulnerability management teams.
• Collaborate with team members and participate in knowledge sharing on threat hunting techniques and best practices.
• Continuously evaluate and improve threat hunting methodologies and tools.
• Develop practical expertise in threat hunting and incident handling through hands-on delivery and guided experience.
• Pursue continuous professional development to strengthen knowledge of emerging threats, tools, and techniques.

Benefits

• Competitive compensation package
• Inclusive benefits
• Flexibility programs