Line of Service
AssuranceIndustry/Sector
Not ApplicableSpecialism
Cybersecurity & PrivacyManagement Level
Senior AssociateJob Description & Summary
A career in our Cybersecurity and Data Privacy practice, within Risk Services, will provide you with the opportunity to help our clients understand and manage their cyber risks. We are a rapidly growing team that helps organisations design, build, and operate secure technology environments — enabling them to protect their most valuable assets, respond effectively to cyber threats, and create trust in an increasingly digital world.As part of our Security Operations team, you will play a key role in helping clients monitor, detect, respond to, and recover from advanced cyber threats by operating, optimising, and enhancing leading security technologies across hybrid and multi-cloud environments. You will act as a senior consultant, leading technical workstreams and mentoring junior team members while contributing to the continuous improvement of our service offerings.
The role may be based at either our Hanoi office or Ho Chi Minh City office. Joining PwC, as a Big4 auditing and consulting firm, the successful candidates will have opportunities to collaborate with cybersecurity and data privacy experts throughout the PwC global network and deliver cybersecurity services for clients in various sectors.
What will your typical day look like?
Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with other experts in your field? Work for a world-class organisation that provides an exceptional career experience with an inclusive and collaborative culture?
Responsibilities:
- Lead the security operations and continuous improvement of enterprise security solutions including SIEM/SOAR, EDR/XDR/NDR, Firewalls/VPNs, IDS/IPS, WAF, DLP, IAM/PAM, and Vulnerability Management platforms across client environments.
- Design, develop, and tune advanced detection use cases, correlation rules, and analytics within SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel) aligned with the MITRE ATT&CK framework.
- Serve as a technical escalation point for complex security incidents, leading investigations, root cause analysis, and coordinating containment, eradication, and recovery activities.
- Deliver cybersecurity and privacy assessments and advisory services based on different international standards such as ISO 27001/27701, PCI-DSS, SWIFT, GDPR, etc and local cybersecurity regulations such as Cybersecurity Law, Personal Data Protection Law, etc.
- Perform security configuration reviews for networks and systems in accordance with good practices/standards
- Engage in specific types of cyber security advisory and consulting projects related to DevSecOps, cloud security operations, etc.
- Work actively in supporting and monitoring business development areas and in following up on proposal processing in accordance with client expectations
- Continuously research and follow up on the latest IT security and privacy challenges and technologies (AI/GenAI, IoT, cloud, mobile, blockchain etc.)
You are someone with:
- 3+ years of proven experience in IT security operations and implementation such as Firewalls/VPNs, IDS/IPS, EDR/XDR/NDR, DLP, IAM/PAM, etc, system security configuration review, IT security compliance assessment and/or cybersecurity audit
- Strong knowledge of endpoint security technologies (CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Trend Micro, etc) — including policy design and tuning.
- Solid experience with network security solutions (Palo Alto, Fortinet, Cisco, Check Point, etc) and modern network detection capabilities.
- Proven cloud security experience across AWS, Azure, and/or GCP — including native services (e.g., AWS GuardDuty, Azure Defender, Microsoft Sentinel) and securing containerised workloads (Kubernetes, Docker).
- Deep understanding of operating systems (Windows, Linux), networking protocols (TCP/IP, DNS, HTTP/S), Active Directory/LDAP, and identity solutions (Azure AD, Okta).
- Working knowledge of and ability to map controls to frameworks and standards: MITRE ATT&CK, NIST CSF, ISO 27001/ISO 27701, CIS Controls, PCI-DSS, GDPR.
- Knowledge of enterprise information security architecture
- Excellent written and verbal communication skills
- Sound business acumen with an understanding of how cybersecurity supports business objectives.
- Self-motivated, proactive, and adaptable, with a strong commitment to continuous learning and professional development.
- Preference will be given to candidates who hold one of the following industry certifications: CCSK, CEH, CHFI, ECIH, CCNA/CCNP, SANS, or equivalent
- Strong preference will be given to candidates who hold one of the following professional certifications: CCSP, CISM, CISA, CRISC, ISO 27001 LA or equivalent
- Good at English (written and spoken).
Why PwC?
At PwC, we measure success by our ability to create the value that our clients and our people are looking for. We are a community of solvers that comes together in unexpected ways to solve our clients' biggest problems.
We offer:
- A competitive compensation package with performance-based bonuses and recognition programs
- Accelerated career progression within one of the world's largest professional services networks
- World-class training and development through PwC Academy, global learning platforms, and certification sponsorship
- Access to cutting-edge cybersecurity tools, threat intelligence, and regional SOC capabilities
- Opportunities for international mobility, secondments, and cross-border engagements
- A diverse and inclusive culture that values your unique perspective and supports your wellbeing
- The chance to work with global leading clients across industries on transformative cybersecurity initiatives
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture {+ 8 more}Desired Languages (If blank, desired languages not specified)
Travel Requirements
Up to 20%Available for Work Visa Sponsorship?
NoGovernment Clearance Required?
NoJob Posting End Date
September 21, 2026Other open roles at Pwc(6)
We help you unlock new growth opportunities and reinvent your business with tech and AI innovation. Compete at a speed that rewrites the rules.
Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.