Senior Associate – Cyber Security Forward Deployed Engineer

The Opportunity:  

As a Senior Associate – Cyber Security Forward Deployed Engineer  , unlock your potential and embrace the chance to drive meaningful outcomes that’ll elevate your career. Your role will include, but isn’t limited to: 

• Design, develop, test, and deploy security solutions across cloud (AWS/Azure/GCP) and applications (SDLC integrations, AppSec pipelines) 

• Implement and integrate a variety of security products (e.g. Cloud & Application Security); configure secure baselines; perform cloud and Kubernetes security architecture reviews and remediation. 

• Build production-quality code and infrastructure including but not limited to secure CI/CD pipelines, IaC modules, cloud landing zones. 

• Work with cloud architects and developers to implement security solutions including cloud platforms and applications. Configure security controls (identity & access management, data encryption, network security) and ensure cloud configurations follow leading security practices and compliance requirements. 

• Conduct security assessments and threat modeling for client cloud environments and applications, identifying vulnerabilities, misconfigurations, and compliance gaps.  

• Deliver cloud and application security strategy engagements and advise organizations on how to transform their current cloud & application security practice.  

• Integrate security into the software development lifecycle, collaborating with DevOps teams to incorporate automated security tools and secure coding practices (DevSecOps) into CI/CD pipelines. Design secure architecture and coding guidelines, ensuring that new applications and services are built with security by design. 

• Support the delivery of client projects by preparing clear, high-quality deliverables (reports, presentations, technical documentation) that communicate security findings and recommendations effectively. Engage with client stakeholders, explaining technical issues in clear terms and advising on improving cloud and app security postures from planning through deployment. 

• Collaborate within multidisciplinary teams – including other cybersecurity specialists, data architects, and business consultants – to deliver comprehensive security solutions. Contribute to knowledge sharing and mentor associates by demonstrating best practices in cloud and application security (review code; write runbooks, ADRs, and technical documentation). Stay updated on emerging cloud and application security trends (e.g., new cloud security services, emerging threats, compliance changes) to continuously improve our offerings. 

• Contribute to pre-sales: POCs, demos, prototypes, RFP technical content, solution architecture artifacts. 

What You'll Bring: 
Your skills, knowledge, and experiences are what set you apart. Here's what we look for: 

• Bachelor’s degree in Computer Science, Software Engineering, Cybersecurity or a related discipline (STEM). 3–6+ years of relevant experience in hands-on software development, security engineering, DevSecOps, or cloud security.  

• Solid hands-on with at least one major cloud (AWS, Azure, GCP) — IAM, networking, KMS, native security services (GuardDuty, Defender, SCC), and IaC (Terraform). 

• One of the following depth areas:  Cloud: Kubernetes (EKS/AKS/GKE), Helm, container security (Falco, Trivy), CSPM/CNAPP tooling (Wiz, Prisma, Defender for Cloud, Lacework), zero-trust networking. AppSec: Secure SDLC, SAST/DAST/SCA, API security, threat modeling, secure code review, secrets management, supply-chain security. 

• Familiarity with security platforms: Microsoft Defender, Google SecOps/Chronicle, CrowdStrike, Splunk, Sentinel, or equivalents. 

• Solid understanding of core cloud security concepts (network segmentation, identity & access management, encryption, monitoring) and secure application development practices (e.g., familiarity with OWASP Top 10 vulnerabilities and remediation). 

• Experience in security architecture reviews or implementation of security controls for cloud services and applications.  

• Proficiency in one or more scripting or programming languages (e.g., Python, Java, or similar) is expected. 

• Effective communication and problem-solving skills, able to break down complex security concepts and translate technical findings into business implications. 

• Experience working in project-based or consulting environments, with a record of delivering results collaboratively in team-oriented projects to meet client needs under guidance of project leaders. 

• Knowledge of security standards and frameworks (e.g., NIST CSF, ISO 27001 compliance, CSA Cloud Controls, etc.) is advantageous for performing security assessments and guiding clients on compliance best practices. 

• PwC Canada is committed to cultivating an inclusive, hybrid work environment. Exact expectations for your team can be discussed in your interview.

Preferred Qualifications - Forward Deployed Engineer (FDE) Skillset: 

•   Professional certifications such as Certified Cloud Security Professional (CCSP), AWS/Azure Solutions Architect or specialty, CISSP, CKS, or relevant cloud/application/cybersecurity certifications are considered strong assets.  

• Experience in AI Security including LLM application development (prompt engineering, RAG), LangChain/LangGraph, MCP server development, AI/ML frameworks (PyTorch, HuggingFace), MLOps (Docker, Kubernetes, CI/CD for models), AI red-teaming, LLM observability. 

• Experience embedding directly with customers to deploy and operationalize a security or AI product in their environment — building custom integrations, telemetry sources, and bespoke workflows. 

• Comfort with the FDE working model: hands-on debugging in unfamiliar customer systems (Linux, Kubernetes, networki  ng, distributed systems) and converting customer friction into product improvements. 

• Anticipatory problem-solving in ambiguous, on-site / production environments. 

• Open-source contributions to AI, security, or cloud-native tooling.