Guardian Careers – Security Engineer

About the job

PWC

Microsoft Security Engineer

• The role

We are seeking cloud security engineers with a specialist interest in Microsoft security technologies to join our advisory team within our Cyber security practice.

As one of our Microsoft Security Engineers your role will primarily focus on delivering an excellent quality of technical work to our clients. You will be expected to deliver against multi-year transformation programmes to uplift clients cyber security capabilities. Your excellent knowledge of Microsoft technologies will enable you to work hands-on with our clients and help them tangibly improve their security by designing and implementing security enhancements into their environments.

As one of our security engineers you will have…

• A broad range of Microsoft skills and deep expertise in many of the technologies in section 3;
• A great work ethic and be able to function well as part of a team and as an individual;
• A passion for tech and a specific interest in Microsoft technologies;
• A demonstrable experience in a similar role with a proven track record of successful implementations in client facing roles;
• Confidence with hands-on working and have a good aptitude for everything tech;
• You should be a self-motivator with a high attention to detail and care about delivering high quality work;
• Strong communication skills and will be able to articulate technically complex topics in an easy to understand manner;
• You will also be comfortable when talking with a wide range of audiences;
• As an added bonus you may also have security experience in AWS technologies and previous experience as a developer and/or the aptitude for coding.
• Responsibilities

The core responsibilities of this role include:

• Implement cloud security controls through Microsoft-native cyber security technologie;
• Advise on and optimise the configuration of client’s existing security tools, e.g. Defender for Endpoint, Microsoft Sentinel, Defender for Identity, Defender for Cloud, and others;
• A strong understanding of how to reduce security vulnerabilities and configuration weaknesses regardless of the technology at hand;
• Lead on the DevSecOps initiatives to ensure an integrated approach to security by working with internal and client development teams;
• Provide technical support at all stages of the delivery lifecycle, including consultancy to stakeholders;
• Capture and share knowledge and learnings within our engineering teams;
• Build the documentation and automation scripts necessary for the security operations team to take appropriate actions;
• Work with the Cloud Operations teams in the definition and implementation of security standards and best practices.
• Skills and experience

Ideal candidates must be able to demonstrate a high level of competency in a good selection of the skills outlined below.

• Microsoft Sentinel and good understanding of KQL and working knowledge of integrating custom connectors with Sentinel using APIs. If you have no direct experience with Sentinel, individuals with good developer skills will be considered;
• M365 Threat Protection technologies including Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Office 365, and Microsoft Defender for Cloud Apps;
• Azure Security technologies including Microsoft Defender for Cloud, Key Vault, Azure DDoS Protection, and other;
• Information Protection technologies such as Azure Information Protection, Windows Information Protection, and Data Loss Prevention;
• Compliance technologies including Advanced eDiscovery, Data Retention, and Insider Risk Management;
• Identity technologies including Azure Active Directory P1 & P2.

Skills in the following areas would be nice to have:

• Familiarity with programming and/or an interest in developing skills in this area. In particular skills in Kusto Query Language (KQL) and PowerShell;
• Power BI;
• Power Apps, Power Automate;
• Windows Enterprise including Autopilot, Autopatch, Intune, and Microsoft Endpoint Configuration Manager;
• Familiarity with AWS technologies such as, Security Hub, Macie, GuardDuty, Inspector, and others;
• Knowledge of well-known SaaS technologies such as SAP and Oracle.

The following certifications would be nice to have:

• Microsoft Certified: Azure Security Engineer Associate (AZ-500);
• Microsoft Certified: Azure Solutions Architect Expert (AZ-303 or AZ-304 or AZ-405);
• Microsoft Certified: Cybersecurity Architect Expert (SC-100);
• Microsoft Certified: Security Operations Analyst Associated (SC-200);
• Microsoft Certified: Identity and Access Administrator Associate (SC-300);
• Microsoft Certified: Information Protection Administrator Associate (SC-400).
• What you will get

Our purpose as a cyber security practice is to help solve complex problems and build a secure digital society. Within our practice, you will have the opportunity to broaden your experience across industries, build relationships with clients and senior groups, and be involved in big business changes.

You’ll contribute to delivering cyber security to some of the world’s most iconic companies and brands, and to helping them to build their cyber defences. Working in cyber security at PwC will give you unparalleled breadth of experience, and insight into how a wide range of client businesses work.

You’ll work in a team where we mix a supportive and collaborative culture with a challenging and high performance one. You’ll be rewarded for your contribution and impact in building our business and delivering on our purpose.

You’ll be supported to develop your career by an experienced and close-knit team who will invest in your career and experience and provide you with mentoring and coaching to transition to PwC and grow your career in our firm.

• About our practice

Cyber security is one of the defining topics of our age, and cyber risk represents one of the most significant strategic risks to PwC’s clients. In a recent PwC survey it remains the top risk in the minds of CEO’s globally, with 91% of UK CEOs rating it as a significant concern. Businesses are changing rapidly, facing disrupted supply chains, rapidly changing workforces and accelerating digital transformation on an unprecedented scale.

At PwC we help our clients transform, and our cyber security practice enables them to execute that transformation securely and to become more resilient to cyber security threats. Our cyber security practice operates nationally, and serves clients holistically with strategy, risk and governance advice, and with deep technical implementation and assurance expertise.

As one of the largest cyber security specialist consulting practices in the UK, we have over 250 practitioners who range from business risk advisors who work with CEOs, CFOs and boards, to transformation specialists who execute major change programmes, to deep technical SMEs who help clients implement controls to secure their businesses from attack, and support them to respond when an attack occurs.

Our practice is experiencing significant growth which is driven by demand from our clients for greater assistance in dealing with increasingly complex cyber security risks, and support in executing their change and growth agendas securely. We believe helping our clients gain confidence in their digital future is essential to their growth, and as a result our cyber security practice is one of the key growth priorities of our firm.

• About our Team

PwC UK provides best in class Cyber Security advisory services that provide truly distinctive value and enable our clients to better deliver and optimise their digital business services and processes.

We offer a broad range of Cyber Security advisory services including:

• Cyber security assessments and architecture reviews
• Cyber security operating model design and transformation
• Cyber security strategy, governance and policy definition
• Cyber risk management and reporting
• Cyber internal audit
• Cyber privacy and regulations advice
• Supply chain security
• Security assurance
• Managed cyber security services

We pride ourselves in attracting and building diverse teams, with skills and experiences from a variety of technical, business and risk specialisms, and who enjoy working in a collaborative manner. We are seeking individuals who challenge themselves and have a constant curiosity that drives innovation and helps our clients solve their most important cyber security problems.

Risk

Risk is all around us and in our complex world, is changing all the time. Our teams bring people from diverse backgrounds together, using their skills and cutting-edge technology, to help solve complex problems. We are pioneers in a world of changing risk and our market leading services build resilient organisations. Join us and together, we can support our clients to rethink risk.

Not the role for you?

Did you know PwC offers flexible career arrangements and contract work? Learn more.

The Skills We Look For

The PwC Professional is our global framework for defining and encouraging leadership at all levels. Learn more.

The Deal

‘The Deal’, our firmwide Employee Value Proposition’ empowers our people to be the best they can be. Learn more.

Our commitment to you

We’re committed to building a culture that empowers all of our people to thrive and feel a sense of belonging at PwC. Learn more.

Application support

If you’re a person with a disability, if you’re neurodivergent, or if you have a condition that you believe may affect your performance during our selection process, we’ll be happy to make reasonable adjustments to our processes for you. Learn more.