Line of Service
Advisory

Industry/Sector
Not Applicable

Specialism
Cybersecurity & Privacy

Management Level
Senior Associate

Job Description & Summary
As a Senior Associate-SIEM Implementation Engineer, unlock your potential and embrace the chance to drive meaningful outcomes that'll elevate your career. Your role will include, but isn't limited to:

• Lead technical deliverables for SIEM implementation and operations including Microsoft Sentinel, Google SecOps, Palo Alto XSIAM, and Devo.
• Perform Proof of Concept (PoC) and Proof of Value (PoV) engagements to evaluate SIEM capabilities and demonstrate value to stakeholders.
• Conduct SIEM assessments to identify gaps, recommend improvements, and align with security best practices.
• Develop and maintain data pipelines for log ingestion, normalization, and enrichment across cloud and on-prem environments.
• Integrate log sources using connectors, custom scripts, and parsers to ensure complete visibility and compatibility with SIEM platforms.
• Build use cases aligned with NIST and MITRE ATT&CK frameworks to enable detection at various stages of a cyber-attack.
• Implement detection rules using SPL/KQL with complex correlation across different data sources.
• Develop dashboards, alerts, and workbooks for security monitoring and reporting.
• Implement SOAR workflows using Logic Apps, Phantom, Demisto, and XSOAR platforms.
• Perform health checks, tuning, and optimization of SIEM platforms to ensure high performance and accuracy.
• Create and maintain documentation including SOPs, runbooks, architecture diagrams, and onboarding guides.
• Collaborate with cross-functional teams including SOC, threat hunters, infrastructure, and cloud teams to support delivery and ensure quality standards.
• Lead technical deliverables for SIEM implementation and security operations engagements, including log source onboarding, parser development, SIEM content deployment through CI/CD pipelines using GitHub, detection use case implementation, and operational readiness activities.
• Develop and support custom integrations to SIEM platforms, especially Microsoft Sentinel and Google SecOps, including scripts, APIs, parsers, data transformation logic, and data pipeline management activities such as DataBahn.
• Apply AI capabilities in a security-focused manner to improve detection engineering, content optimization, operational efficiency, and analytical outcomes while maintaining strong security and governance awareness.

What You'll Bring:
Your skills, knowledge, and experiences are what set you apart. Here's what we look for:

• Hands-on experience with Microsoft Sentinel, Google SecOps, Palo Alto XSIAM, Devo, and Splunk.
• Strong understanding of SIEM architecture, implementation, integration, log management, and threat detection methodologies.
• Experience in developing and tuning security use cases and alerts.
• Proficiency in scripting languages such as Python, PowerShell, and Bash for automation and data processing.
• Experience with cloud platforms including Azure, GCP, and AWS.
• Knowledge of data pipeline tools including Cribl for log routing, enrichment, and deduplication.
• Familiarity with REST APIs, JSON, and integration of third-party security tools.
• Experience with SOAR platforms and playbook development for incident response automation.
• Understanding of security concepts such as cyber-attacks, threat vectors, risk management, and incident management.
• Strong analytical and problem-solving skills with attention to detail.
• Excellent communication, documentation, and client engagement skills.
• Experience deploying SIEM content through CI/CD practices using GitHub, including version control, peer review, change tracking, and structured promotion of content across environments.
• Experience managing security data pipelines and ingestion workflows, including data transformation, normalization, troubleshooting, and platforms or capabilities such as DataBahn.
• Strong understanding of AI concepts and tools, with the ability to apply them in security-oriented use cases such as detection improvement, threat analysis, automation support, and security operations optimization.
• Proficiency in Microsoft Office tools, especially Excel, Word, PowerPoint, Teams, and Outlook, with the ability to create polished client-facing documents, trackers, presentations, and meeting outputs.
• PwC Canada is committed to cultivating an inclusive, hybrid work environment. Exact expectations for your team can be discussed with your interviewer.

Qualifications:

• Bachelor's degree in computer science, Cybersecurity, or related field.
• Preferred certifications: Microsoft Certified: Security Operations Analyst Associate, SC-200, AZ-500, Google Professional Cloud Security Engineer, CISSP, CISM, GIAC.
• Minimum 3 years of experience in SIEM implementation and security operations.
• Demonstrated ability to work collaboratively across teams and manage multiple client engagements.
• Commitment to continuous learning and adapting to evolving cybersecurity technologies.
• Experience in a consulting, client delivery, or professional services environment is preferred.

This position ensures continuity and upholds our standards of excellence following the departure of a valued team member.

The salary range for this position is $84,700 - $134,700. The posted salary range represents the expected hiring range for PwC locations in major city centres. Given our national recruiting approach, ranges may vary for positions in other locations. At PwC Canada, base salary is determined by your skills, experience, qualifications and work location. In addition to base salary, eligible employees may have opportunities to participate in variable incentive pay programs which are designed to reward individual and firm-wide achievements. We are committed to offering competitive compensation and adhere to all relevant pay transparency legislation. During the hiring process, our Talent Acquisition team will provide details about our comprehensive total rewards package.

Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture {+ 8 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements
Not Specified

Available for Work Visa Sponsorship?
No

Government Clearance Required?
No

Job Posting End Date