
Incident Response Expert - PwC

Location: Amsterdam
As Incident Response Expert you help clients perform assessments and prepare for and respond to the tactical and strategic impacts of cybersecurity incidents.

As we aim to rapidly grow our Cyber Security, Forensics & Privacy practice, we are looking for experienced consultants who are passionate about how strategy and technology can improve the role of cyber security, privacy and data protection in our digital world.

Our Cyber Security, Forensics & Privacy practice (CF&P)

This team works on creating a more secure society for major international and local organisations. Together with 150 professionals in the Netherlands you could work on leading and cutting-edge projects covering the whole scope of Cyber Security, from Ethical Hacking to Threat Detection and Forensic Research, both preventing and solving cybercrime. It also covers Privacy, Compliance, Policy & Governance, Security Architecture and implementation, and Identity and Access Management.

If you want to deep dive into our CF&P practice, take a look at our different competence teams:

Your Role
Our Incident and Threat Management team helps clients perform assessments and prepare for and respond to the tactical and strategic impacts of cybersecurity incidents. We assist in understanding the unique threats to clients' organizations through analysis of the threat landscape; we also leverage government, law enforcement, and peer resources to more effectively combat threats through information-sharing opportunities such as ISAOs and information-sharing models.

Position/Program Requirements
Minimum Year(s) of Experience: 5
Minimum Degree Required: Bachelor's degree

Certification(s) Preferred
- EnCase Certified Examiner (EnCE)
- AccessData Certified Examiner (ACE)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Reverse Engineering Malware (GREM)
- GIAC Network Forensic Analyst (GNFA)

Knowledge preferred
Demonstrates thorough knowledge and/or a proven record of success in the following areas:  

  • Current FRCP Guidelines and evidential continuity of industry leading practices including chain of custody
  • The development and application of technical threat intelligence in the cyber attack lifecycle, the management of multi-source threat intelligence fusion and production of technical intelligence reports
  • Windows system internals and ability to identify common indicators of compromise from dead or live systems and live memory using tools such as the SysInternals suite, RegRipper, Volatility, HBGary Responder or other live response tools
  • Dynamic and static malware analysis and sandboxing with the ability to reverse engineer and debug malware samples using tools such as IDA Pro, Responder Pro or OllyDbg, including defeating anti-debugging, packing and obfuscation techniques
  • Scripting languages such as Python, Perl, or PowerShell and their use in forensic analysis & live incident response, or experience using other programming languages to develop software for host-centric, network-centric or log-centric security analysis

Skills Preferred
Demonstrates thorough abilities and/or a proven record of success in the following areas: 

  • Supporting our customers in proactively planning for and defending against a variety of cyber threats using both commercial and custom technology and threat intelligence sources
  • Performing in-depth forensic analysis on captured logs, network traffic collections, volatile memory or host images to identify and trace breach indicators and develop actionable threat intelligence
  • Forensically securing, preserving, and capturing volatile or physical disk data from workstations, laptops, servers, and network infrastructure devices thereby establishing that the evidential integrity of the data is not compromised
  • Drafting reports and presentations to explain our findings and recommendations
  • Researching and developing new procedures, scripts, tools, and techniques to continually refine and update our incident response processes
  • Developing and curating APT and targeted attack intrusion sets along with campaign research and tracking experience
  • Gleaning and analysing security information from enterprise network and host based sensors, such as IDS/IPS systems, HIDS, SIEMs, AD controllers, and firewalls
  • Analyzing raw network traffic captures or deployment and use of network forensics or monitoring devices such as Suricata, Sguil, SQueRT, SNORT, and other vendor-specific tools
  • Deploying and using enterprise EDR products such as Tanium, Crowdstrike, EnCase Cybersecurity, Fidelis, Damballa, FireEye, and forensic capture & investigation tools such as EnCase, AccessData, X-Ways, SIFT, Security Onion, or F-Response
  • Mapping and navigating complex IT environments, selecting and deploying appropriate techniques and tools to quickly triage a compromised environment, correlating data from multiple sources to evaluate the scope and impact of a breach
  • Coordinating with client subject matter experts in order to devise innovative data capture protocols and procedures that will maintain evidential continuity, whilst not adversely affecting business continuity

What are we offering?
We offer you the unique opportunity to get to know the whole scope of PwC's Cyber Security, Forensics & Privacy practice. This way you will develop a strong network. We pay a lot of attention to your personal development through both on-the-job training and various soft-skill trainings.

When you start working at PwC, you can count on diverse clients, inspiring colleagues and attractive employment terms with attention for your growth and work-life balance.

Who are we?
We are PwC, established in 1849. Through various mergers, we have now become a worldwide business service provider with activities in the field of Digital Technology, Assurance, Tax and Advisory. In this field, we operate within a large range of sectors and clients. 

We employ 223,000 people across 157 countries. PwC Nederland employs a total of over 4,700 people. Our relevance and purpose is ‘building trust in society and solving important problems’. This manifests itself in the way we work and who we are, guided by our values: Act with integrity, Make a difference, Care, Work together and Reimagine the possible. For more background information about us, visit our website.

Apply now
Are you interested in this career opportunity and do you think you are suitable to excel in this role? Apply directly via the form below. After you submit your application, including CV, motivation letter and transcripts, we will be in touch within two weeks to report on your application’s progress.


Information and application:


Please send your application for Incident Response Expert at PwC in Amsterdam including your CV via our website.

Job posted: 24 November 2018

More information:

If you have any questions relating to this vacancy, don't hesitate to call me or send me an email.

Minka van den Burg
t. +31(0)88 792 68 01
