Vulnerability Management (L3)

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisation's security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure.

Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Respond effectively to the diverse perspectives, needs, and feelings of others.
• Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems.
• Use critical thinking to break down complex concepts.
• Understand the broader objectives of your project or role and how your work fits into the overall strategy.
• Develop a deeper understanding of the business context and how it is changing.
• Use reflection to develop self awareness, enhance strengths and address development areas.
• Interpret data to inform insights and recommendations.
• Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.

Senior Associate – Vulnerability Management (L3)

Role Summary

The L3 Vulnerability Management Senior Associate is a senior technical role within Cyber Data & Technology Risk Managed Services, responsible for leading advanced vulnerability management operations in large-scale enterprise environments. The role acts as the primary escalation point for complex vulnerability analysis, risk-based prioritization, and remediation governance, ensuring alignment with business risk and regulatory requirements.

Key Responsibilities

• Perform advanced vulnerability analysis, including exploitability validation and false positive identification
• Prioritize vulnerabilities using a risk-based approach (CVSS, EPSS, threat intelligence, MITRE ATT&CK)
• Lead remediation coordination, tracking, escalation, and validation activities
• Configure, optimize, and support vulnerability management platforms and integrations
• Drive automation and operational improvements across the VM lifecycle
• Prepare technical and executive-level reports, dashboards, and risk metrics
• Provide technical leadership and guidance to Tier 1 and Tier 2 analysts
• Support client interactions, governance forums, and continuous improvement initiatives

Required Experience & Qualifications

• 5–7 years of experience in Vulnerability Management within large-scale enterprise environments
• Strong understanding of the end-to-end vulnerability management lifecycle
• Hands-on experience with vulnerability scanning and patch management tools
• Ability to translate technical findings into business risk insights

• Understand the importance of have a correct information management
• Knowledge of Information Security and Data Protection
• Correct Information Security Management

All qualified applicants will receive consideration for employment at PwC without regard to ethnicity; creed; color; religion; national origin; age; disability; neurodiversity; sexual orientation; gender identity or expression; marital; or any other status protected by law. PwC is proud to be an inclusive organization and equal opportunity employer.