For information of interest to boomers, retirees and people planning their retirement click here
Employer: Create Account or Login
Sign In
 [New User? Sign Up]
Mobile Version

NIS Vulnerability Manager

PricewaterhouseCoopers LLC

Pricewater House
Tampa, FL 33602
PricewaterhouseCoopers LLC
Apply on the Company Site
  • Save Ad
  • Email Friend
  • Print
  • Research Salary

Job Details

PwC/LOS Overview
PwC is a network of firms committed to delivering quality in assurance, tax and advisory services.

We help resolve complex issues for our clients and identify opportunities. Learn more about us at

At PwC, we develop leaders at all levels. The distinctive leadership framework we call the PwC Professional ( provides our people with a road map to grow their skills and build their careers. Our approach to ongoing development shapes employees into leaders, no matter the role or job title.

Are you ready to build a career in a rapidly changing world? Developing as a PwC Professional means that you will be ready
- to create and capture opportunities to advance your career and fulfill your potential. To learn more, visit us at

It takes talented people to support the US firm of the largest professional services organization in the world. Not all of us work directly with external clients. Some of our best people choose to apply their talents inside PwC.

As part of Internal Firm Services, you're serving an organization on par with many of our external clients. Our Internal Firm Services team consists of first-rate marketers, human resource professionals, computer technologists, knowledge managers, accountants, financial planners, administrators and leaders. Internal Firm Services staff are the people who make it work for the people who make it work for our clients.

Job Description
Network Information Security organization is tasked with designing, implementing and maintaining information security capabilities and services for the PwC Network of member firms. The organisation consists of highly skilled information security professionals across the globe that are focused on developing a leading security program across the Network of Firms, to foster clients trust in our ability to secure their most sensitive data, to better position PwC to address clients evolving needs and to harmonize the internal firm security strategy with client services go-to-market strategy. The group is leading PwC's Network Security Transformation Programme, which is a multi-year programme to enhance existing capabilities and build new capabilities to combat the ever more complex cyber threats.

Cyber Security and Data Protection runs cyber capabilities with emphasis on detecting, responding and preventing cyber incidents within the PwC Network of Firms. They also provide vulnerability and application assessments to identify and mitigate risks in IT systems. Capabilities the team will have include security monitoring, vulnerability management, application security, forensics, CSIRT, perimeter security, and data loss prevention.

The Cyber and Data Protection group is responsible for overseeing and enforcing that the security controls for the firm are in place and functioning as intended including, Vulnerability Management and Endpoint and Infrastructure Security while maintaining the firms' key risk indicator programs as well as interacting with Firm/LoS leadership to educate and inform on areas of key risk.

Position/Program Requirements
Minimum Year(s) of Experience: 4 years of proven success in roles involving leveraging information technology to conduct forensic technology or cyber-security analyses

Minimum Degree Required: High School Diploma or GED

Degree Preferred: Bachelor's degree in Computer Science or Information Services

Certification(s) Preferred: CISSP, CISM, CISA, CCIE, CCNA, CCNP, CCSA

Knowledge Preferred:

Demonstrates extensive knowledge and/or a proven record of success in the specialization of network, infrastructure and application security solutions.

Demonstrates extensive knowledge and/or a proven record of success in roles involving, managing IT related security management projects and solutions and its impact on an overall business IT infrastructure profile, preferably for a global network of consulting firms, which includes the following areas:

- New and existing IT programs and projects to identify, track and remediate applications and infrastructure vulnerabilities where needed including assessment of vulnerabilities, sources of threats and current security state to determine the overall risk rating of a business technical environment in order to prioritize necessary remediation activities;

- New security technologies, the implementation requirements of those security technologies, and integration of those into a larger solution; Web hosting architecture and principles, including network, infrastructure and application security solutions; Risk assessment/acceptance factors that can affect business and security decisions;

- Data classification and its impact on the security design of networking solutions;

- Business processes and business drivers that can affect system designs; and,

- Innovation, new solutions and processes; incorporating new technologies when warranted.

Skills Preferred:

Demonstrates extensive abilities and/or a proven record of success in analyzing new networking solutions, identifying potential security concerns, and developing approaches used to mitigate identified risks, including the following areas:

- Influencing and collaborating with members of the IT organization to implement recommendations, assess and/or enhance the firm's information security posture by leading remediation efforts of identified vulnerabilities, including firm assets, infrastructure

- Leveraging Enterprise Vulnerability Solutions: Qualys, Nessus, AppDetective, Firemon, Nipper; Enterprise URL Filtering Solutions: Websense, Blue Coat, McAfee; Enterprise Rights Management Solutions: Avecto, ViewFinity, BeyondTrust; Enterprise Whitelisting Solutions: Bit9, McAfee Application Control, ViewFinity; Networking protocols and services, including their relevant security issues: TCIP/IP, IPX/SPX, DNS, SNMP, 802.1x, SSL etc; Windows, Unix operating systems and related security concerns;

- Executing and utilizing processes and threat vulnerability tools, reviewing vulnerabilities analyses and results, scanning techniques;

- Deploying tools and processes to evaluate and remediate threats and vulnerabilities in applications and infrastructure;

- Performing research on pertinent technical matters, especially leading and independently reviewing application threat vulnerability assessments;

- Utilizing creative solutions when problem-solving, collaborating effectively as part of a team, yet functioning well with independent responsibilities, especially the ability to multitask and extreme attention to detail;

- Communicating clearly on technical concepts and issues to non-technical business leadership, including translating technical security verbiage;

- Demonstrating willingness to take the initiative for individual personal growth and development; and,

- Adapting to changing schedules and work assignments, including willingness to travel domestically and globally, when required, and extended work hours.

Apply on the Company Site

Featured Jobs

Featured Employer

  • © Adicio Inc.