Cloud Security Consultant - Senior Associate

Line of Service

Advisory

Industry/Sector

Technology

Specialism

Advisory - Other

Management Level

Senior Associate

Job Description & Summary

About PwC ETIC - Egypt Technology and Innovation Centre

PwC is opening a new Technology & Innovation Center in Cairo that will

deliver high quality technology solutions to consulting Clients across the

globe. The Centre will provide a broad suite of skills and services to our

clients, ranging from Packaged Applications such as SAP & Oracle, to

Cybersecurity, Data Analytics, Custom Development and Cloud services

utilising AWS, Azure and Google, as well as expanding our existing

Managed Services capabilities.

The centre is looking to expand rapidly and we are looking for

enthusiastic self-starters with a passion for technology and client

delivery to help shape and form this new venture.

About Our Practice

Cyber security is one of the defining topics of our age, and cyber risk represents one of the most significant strategic risks to PwC’s clients. In a recent PwC survey, it remains the top risk in the minds of CEO’s globally, with 91% of UK CEOs rating it as a significant concern. Businesses are changing rapidly, facing disrupted supply chains, rapidly changing workforces and accelerating digital transformation on an unprecedented scale.

At PwC we help our clients transform, and our cyber security practice enables them to execute that transformation securely and to become more resilient to cyber security threats. Our cyber security practice operates nationally, and serves clients holistically with strategy, risk and governance advice, and with deep technical implementation and assurance expertise.

Cloud Security - Configuration Review, core responsibility

Overview

• It involves examining the settings, configurations, and policies used in the IT environment, identifying potential security gaps and vulnerabilities, and recommending best practices to improve the security posture of the organization. The assets in scope can be (Network appliances, security appliances and popular operating systems such as Microsoft windows, Unix, and Linux), the reviewer is expected to look into configurations, setting as well as the man made rules such as firewall rules or access lists to check for any deviations.
  
  

Configuration review process:

• Validate the Scope: Confirm and validate the scope of the assessment, including the systems and devices to be reviewed, the types of configuration settings to be assessed, and any specific security policies and standards that apply.
• Prepare the Assessment Criteria or checklist: Develop assessment criteria and checklist based on vendor best practices, industry standards and applicable client policies and procedures. The standards can include frameworks such as CIS Controls or NIST Cybersecurity Framework.
• Conduct the Assessment: Conduct the assessment, reviewing the configurations of systems and devices against the assessment criteria. This can be done using automated tools, manual review, or a combination of both.
• Identify Findings: Identify any findings or deviations from the assessment criteria. This can include misconfigurations, missing patches, or insecure settings.
• Analyze Findings: Analyze the findings to determine their impact on the security posture of the organization. Prioritize the findings based on the risk they pose to the organization.
• Develop Recommendations: Develop recommendations for remediation of the findings, including specific actions to be taken and timelines for completion.
• Present Findings and Recommendations: Present the findings and recommendations to key stakeholders in the organization.
  
  

Overall, a configuration review assessment involves a thorough review of configurations against established criteria and checklist to identify potential security risks and develop recommendations for remediation.

Experience in the those or similar tools is preferred: Nipper, Tripwire, Qualys, Nessus, Algosec...etc

Role Requirements

▪ Good understanding and practical experience in infrastructure and Cloud

platform security

▪ Good understanding of Microsoft Sentinel and KQL

▪ Experience and proven record of success in integrating custom connectors

with Sentinel using APIs. If you have no direct experience with Sentinel,

individuals with good developer skills will be considered

▪ Experience with M365 Threat Protection technologies including Microsoft

Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for

Office 365, and Microsoft Defender for Cloud Apps

▪ Experience with Azure Security technologies including Microsoft Defender for

Cloud, Key Vault, Azure DDoS Protection, and other

▪ Experience with Information Protection technologies such as Azure

Information Protection, Windows Information Protection, and Data Loss

Prevention

▪ Hands-on experience establishing and configuring security controls for

Microsoft Azure components (i.e. Defender for Cloud, Azure Firewall, Azure

DDOS Protection, Azure Bastion and Sentinel)

▪ Hands-on experience establishing and configuring security controls for

Microsoft 365 components (i.e. Microsoft Purview, Defender for Cloud App,

Endpoint, Identity and Vulnerability Management)

▪ Hands-on experience establishing and configuring security controls for general

security solution (i.e. Azure Active Directory, Azure Identity Protection and

Azure RBAC)

▪ Experience with compliance technologies including Advanced eDiscovery, Data

Retention, and Insider Risk Management

▪ Experience with Identity technologies including Azure Active Directory P1 & P2

▪ Familiarity with a programming or scripting languages (esp. in KQL and

PowerShell) is a plus

▪ Familiarity with Power BI, Power Apps, or Power Automate is a plus

▪ Knowledge of well-known SaaS technologies (i.e. SAP, Oracle) is a plus

▪ At least 1 year of relevant work experience for Associate grade

▪ At least 3 years of relevant work experience for Senior Associate grade

▪ Open minded seeking innovative solutions

▪ Ability to work within a fast-paced & unstructured environment

▪ Ability to adapt to and communicate with different working styles

▪ Ability to interact efficiently with senior members of the firm across

multiple time zones

Essential Skills & Attributes

• Demonstrates extensive knowledge in infrastructure and cloud security
• Experience in Consulting or in working within multinational environments
• Excellent communication and presentation skills
• High level of customer orientation and a convincing demeanour
• Ability to work within a fast-paced & unstructured environment. Must be able
  
  

to multi-task and effectively and continually prioritise

• Excellent oral and written English skills. German language proficiency is a
  
  

plus

Education

• University degree, ideally in the fields of Computer and Information Science,
  
  

Business Informatics, Computer Engineering, Cyber Security, Information

Technology, Management Information Systems

• The following Microsoft certifications are a significant plus:
• Azure Security Engineer Associate (AZ-500)
• Azure Solutions Architect Expert (AZ-303 or AZ-304 or AZ-405)
• Cybersecurity Architect Expert (SC-100)
• Security Operations Analyst Associated (SC-200)
• Identity and Access Administrator Associate (SC-300)
• Information Protection Administrator Associate (SC-400)
  
  

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Cloud Administration, Cloud Engineering, Cloud Infrastructure, Cloud Infrastructure Architecture Design, Cloud Resource Management, Cloud Security, Cloud Security Auditing, Cloud Service Delivery, Cloud Service Level Risk Management, Communication, Creativity, Cyber Engineering, Embracing Change, Emotional Regulation, Empathy, Forensic Investigation, Incident Investigation, Inclusion, Information Security, Infrastructure as a Service (IaaS), Intellectual Curiosity {+ 19 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

Yes

Government Clearance Required?

No

Job Posting End Date