Welcome to VERCIDA website.

Skip to main content
Enable Recite to make this website accessible

Profile completeness

Did you know that users who have filled in their profile details are 42 times more likely to get matched with the right employer?

security illustration Help us find the best workplace for you by sharing more about yourself. We will never disclose your information with others.

Job description

About The Team

Our Cyber Threat Operations practice is PwC's front-line technical services group, responsible for the development, management and execution of a portfolio of blue and red team services to our global clients. We provide subscription and bespoke threat research services, short-term and managed endpoint and network hunting services, incident response and readiness services and adversary emulation.

As part of the role, you'll be working across these teams while they identify and investigate intrusions, evolve collection strategies, implement new red-team TTPs and much more. You will get the first shot at coming up with innovative techniques to solve a wide range of needs - from urgent scripts needed on an incident response case, to longer term development and maintenance of our threat intelligence platforms, to methods to automate the creation of online personas and associated infrastructure to be used in red team engagements.

  • Developing tools, scripts and systems to streamline or automate common blue and red team requirements, including intelligence automation processes, collection methods and analytical capability.
  • Integrating disparate systems and data sources into analytical platforms, or orchestrating actions via APIs across multiple systems
  • Production of techniques to streamline the development of analytic content, detection concepts and signatures to detect malicious activity in log data, or network traffic.
  • Owning the coordination and implementation of technical development requirements from red and blue teams (e.g. working with a reverse engineer to implement a configuration decoder for a malware family, integrating a new data source to a TI platform, automating the provision of VMs and domains etc. for an adversary simulation engagement).
  • Ownership of the end-to-end integration for our threat intelligence stack (ad-hoc collection scripts, malware sandboxes, Yara/OpenIOC distribution, sinkholes etc.);
Skills and Experience
  • Experience in Python, JavaScript, SQL, NoSQL (Elastic, Mongo), PowerShell desired
  • Any UI/UX experience would also be a huge plus.
  • Experience of analytical tools and capabilities used in a Cyber Intelligence functions such as Maltego or MISP.
  • Understanding of open source and commercial information sources such as VirusTotal, Hybrid Analysis and OTX.
  • Deep understanding of the Cyber Kill Chain and the Diamond model and how they apply to threat intelligence.
  • Basic knowledge of security network architectures (e.g. Firewalls, DMZ, proxies, DNS, web and mail servers) and the principles of network security.
  • Experience of malware analysis and being able to interpret their findings as well as from vendor reporting.
  • Ability to normalise and analyse large datasets, often in unstructured formats
Job Sector
IT & Telecoms
Job Position
Network Security
London, UK Show on map
Post date
Closing date

How would you fit?

Learn more about PwC

Be unique. Be authentic. However you prefer to say it, we really mean it. Our culture embraces people’s diverse perspectives and creates a positive environment where everyone belongs. We’re determined to build a better, more connected world for everyone.

Other jobs in Business Services

Assistant - Office Services

Los Angeles, CA, USA

posted 1 year ago

Consultant - Healthcare Implementation

Management Consultant
West Peachtree Street Northwest, , Atlanta, United States

posted 1 year ago

You will receive an email with link to reset your password.

Enter your new password