PwC is opening a newTechnology & Innovation Center in Cairo (PwC ETIC) that will deliver high quality technology solutions to consulting Clients across the globe. The Centre will provide a broad suite of skills and services to our clients, ranging from Packaged Applications such as SAP & Oracle, to Cybersecurity, Data Analytics, Custom Development and Cloud services utilising AWS, Azure and Google, as well as expanding our existing Managed Services capabilities. The centre is looking to expand rapidly and we are looking for enthusiastic self-starters with a passion for technology and client delivery to help shape and form this new venture.
Our Cyber security practice is a critical component of PwC's offerings, addressing one of the most significant strategic risks to our clients. A recent PwC survey identified cyber risk as the top concern for CEOs globally. Businesses are undergoing rapid digital transformation, facing disrupted supply chains and evolving workforces. At PwC, our cyber security practice enables clients to execute this transformation securely and enhance their resilience to cyber security threats. We provide holistic strategy, risk, governance advice, and deep technical implementation expertise across national operations.
This Senior Associate position focuses on Cloud Security - Configuration Review, a core responsibility involving the examination of settings, configurations, and policies within IT environments. The goal is to identify potential security gaps and vulnerabilities, then recommend best practices to improve the organization's overall security posture. Assets in scope typically include network appliances, security appliances, and popular operating systems such as Microsoft Windows, Unix, and Linux. The reviewer is expected to scrutinize configurations, settings, and man-made rules (like firewall rules or access lists) for any deviations from established security standards.
The Configuration Review process includes: validating the scope of assessment, developing assessment criteria based on vendor best practices and industry standards (e.g., CIS Controls, NIST Cybersecurity Framework), conducting assessments using automated tools or manual review, identifying findings (misconfigurations, missing patches, insecure settings), analyzing these findings to determine their impact and prioritize risks, developing remediation recommendations with specific actions and timelines, and finally presenting findings and recommendations to key stakeholders. This comprehensive review ensures configurations align with established criteria to mitigate security risks.

Eligibility / Qualification Required:

Education:

• University degree, ideally in the fields of Computer and Information Science, Business Informatics, Computer Engineering, Cyber Security, Information Technology, Management Information Systems.
• The following Microsoft certifications are a significant plus: Azure Security Engineer Associate (AZ-500), Azure Solutions Architect Expert (AZ-303 or AZ-304 or AZ-405), Cybersecurity Architect Expert (SC-100), Security Operations Analyst Associated (SC-200), Identity and Access Administrator Associate (SC-300), Information Protection Administrator Associate (SC-400).

Experience:

• At least 3 years of relevant work experience for Senior Associate grade.
• Experience in tools like Nipper, Tripwire, Qualys, Nessus, Algosec, etc., is preferred.
• Good understanding and practical experience in infrastructure and Cloud platform security.
• Good understanding of Microsoft Sentinel and KQL.
• Experience and proven record of success in integrating custom connectors with Sentinel using APIs. If you have no direct experience with Sentinel, individuals with good developer skills will be considered.
• Experience with M365 Threat Protection technologies including Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Office 365, and Microsoft Defender for Cloud Apps.
• Experience with Azure Security technologies including Microsoft Defender for Cloud, Key Vault, Azure DDoS Protection, and other related technologies.
• Experience with Information Protection technologies such as Azure Information Protection, Windows Information Protection, and Data Loss Prevention.
• Hands-on experience establishing and configuring security controls for Microsoft Azure components (i.e., Defender for Cloud, Azure Firewall, Azure DDOS Protection, Azure Bastion and Sentinel).
• Hands-on experience establishing and configuring security controls for Microsoft 365 components (i.e., Microsoft Purview, Defender for Cloud App, Endpoint, Identity and Vulnerability Management).
• Hands-on experience establishing and configuring security controls for general security solution (i.e., Azure Active Directory, Azure Identity Protection and Azure RBAC).
• Experience with compliance technologies including Advanced eDiscovery, Data Retention, and Insider Risk Management.
• Experience with Identity technologies including Azure Active Directory P1 & P2.
• Experience in Consulting or in working within multinational environments.

Skills & Attributes:

• Open minded seeking innovative solutions.
• Ability to work within a fast-paced & unstructured environment. Must be able to multi-task and effectively and continually prioritise.
• Ability to adapt to and communicate with different working styles.
• Ability to interact efficiently with senior members of the firm across multiple time zones.
• Demonstrates extensive knowledge in infrastructure and cloud security.
• Excellent communication and presentation skills.
• High level of customer orientation and a convincing demeanour.
• Excellent oral and written English skills. German language proficiency is a plus.
• Familiarity with a programming or scripting languages (especially in KQL and PowerShell) is a plus.
• Familiarity with Power BI, Power Apps, or Power Automate is a plus.
• Knowledge of well-known SaaS technologies (i.e., SAP, Oracle) is a plus.

Required Skills (from list):

• Accepting Feedback
• Active Listening
• Analytical Thinking
• Cloud Administration
• Cloud Engineering
• Cloud Infrastructure
• Cloud Infrastructure Architecture Design
• Cloud Resource Management
• Cloud Security
• Cloud Security Auditing
• Cloud Service Delivery
• Cloud Service Level Risk Management
• Communication
• Creativity
• Cyber Engineering
• Embracing Change
• Emotional Regulation
• Empathy
• Forensic Investigation
• Incident Investigation
• Inclusion
• Information Security
• Infrastructure as a Service (IaaS)
• Intellectual Curiosity
• {+ 19 more} (including Agile Methodologies, Artificial Intelligence, Business Acumen, Business Continuity Management, Cyber Resilience, Data Forensics, Data Loss Prevention, Digital Transformation, Information Security Governance, Information Security Strategy, Network Security, Problem Solving, Risk Management, Security Architecture, Security Operations, Software as a Service (SaaS), System Security, Teamwork, Threat Intelligence)

Optional Skills (from list):

• Accepting Feedback

How to Apply:

• No specific application instructions (e.g., required documents, submission method, or contact details) were explicitly provided in the job description. Applicants are advised to refer to the original source or PwC's career portal for specific application procedures.

General Conditions:

• Travel Requirements: Not Specified.
• Available for Work Visa Sponsorship: Yes.
• Government Clearance Required: No.

View Official Posting & Apply