Vulnerability Management Analyst
PwC / Amsterdam (NL)Apply on site
The PwC Technology and Network Information Security (NIS) team at PwC is searching for talented security and technology professionals to build out a new centre of excellence in the Netherlands.
Operating on a local, regional and global scale, Network Information Security (NIS) is responsible for the definition of our security strategy to hands on execution of our global Cyber Readiness Program, moving from predominantly local to centralised services. Global Technology is responsible for driving the adoption and operation of global IT services across the organisation.
If you are seeking an exciting career with the scope to grow your cyber security and technology skills through major change on a global scale, then NIS and PwC Technology will empower you to do so.
In order to execute against the PwC Technology and NIS agenda, the team is structured into the following Pillars:
- Chief Technology Risk Office (CTRO)
- Business Change Technology and Security (BCTS)
- Chief Technology Office (CTO)
- Technology and Security Operations (TSO)
- Chief Admin Office (CAO)
- Office of the Chief Information Technology Officer (OCITO)
NIS and PwC Technology are building the first global cyber security and technology function at PwC. Our mission protects 300,000 PwC members across 160 member firms worldwide as well as our global clients.
What does your work look like?
The Vulnerability Management team has the goal to minimize the overall Information Technology (IT) security risk to the PwC Network of Firms by identifying, reporting, and driving the mitigation of security vulnerabilities within the network, endpoint, and cloud infrastructures in a consistent and expeditious manner. By minimizing the internal and external IT security risks, Vulnerability Management (VM) helps defend against proprietary and client data loss, and reduces the ability for threat actors to carry out malicious activities against the PwC Network of Firms. Ultimately VM assists in protecting the PwC’s business mission, the PwC brand and our internet reputation.
Your skills and responsibilities include but are not limited to:
- Direct impact to the identification, control and reduction of the attack surface;
- Deliver inventory data and/or vulnerability data and/or metrics to other NIS team and IT operations;
- Collaborate with Threat Intelligence, red team, incident response to drive swift remediation on high risk vulnerabilities;
- Build out, support and maintain inventory of internal and external assets and name space;
- Execute, coordinate, document network discovery scans and vulnerability scans for operating system and/or database assets;
- Craft different types vulnerability reports manually or through tools to drive remediation;
- Engage IT operations as needed to driving remediation of vulnerabilities;
- Aggressively but tactfully communicate the right priority to reduce risk and support PwC internet reputation;
- Support other Cyber Security teams sharing inventory and/or vulnerability information;
- Engage project stakeholders as needed to help drive remediation of vulnerabilities on infrastructure before new applications or updates go live;
- Collaborate with other IT groups on monthly patching, non-patch vulnerability remediation, vulnerability exception review;
- Perform ad-hoc vulnerability scans and/or reports;
- Interact with all levels of management, external bodies, stakeholders, and policy holders including senior leadership.
Who are you?
- At least 4 years of experience as a technical project manager working in a matrixed project environment;
- Relevant Bachelor or Master degree in Information technology or related field of study and/or completed certifications involving cybersecurity;
- Intermediate to expert Excel and scripting (Python, Powershell) skills;
- Understanding of vulnerability management processes:
- - Scanning
- Remediation (knowledge of Windows operating system, Linux operating systems);
- Strong analytical skills including the ability to research, analyse, and present vulnerability findings;
- Strong business and global acumen to help manage relations at a global stage;
- Great attention to detail to ensure all artifacts produced are concise and accurate.
What can we offer you?
- Many training and courses that contribute to your personal and professional development
- An appropriate salary and extensive employment benefits. These benefits include a 'well-being budget'. This is a personal yearly budget of €750,- that you can spend on your health, e.g., mindfulness, sports, lifestyle coaching, a second screen for your home office and noise cancelling headphones
- Monthly internet allowance
- A lease car or car allowance, laptop and an iPhone
- 32 holiday days per year
- Informal and interesting (virtual) events with colleagues
Are you interested in this vacancy and do you meet the requirements? Apply directly by clicking the button. We would like to receive your resume and cover letter. In addition, be aware that performing an assessment can be part of the application process. If you have any questions about the vacancy, please contact our Recruiter Shannon Millar (email@example.com).