Cybersecurity - Penetration Testing - Experienced Associate
Specialty/Competency: Cybersecurity & Privacy
Industry/Sector: Not Applicable
Time Type: Full time
Government Clearance Required: No
Available for Work Sponsorship: Yes
Travel Requirements: Up to 80%
A career in our Threat, Intelligence and Vulnerability Management practice, within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. You’ll play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. Our team helps organisations to rapidly and effectively respond to threats against potential security incidents by helping to detect, respond to, investigate, and remediate threats across the incident management life cycle.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As an Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
- Invite and give in the moment feedback in a constructive manner.
- Share and collaborate effectively with others.
- Identify and make suggestions for improvements when problems and/or opportunities arise.
- Handle, manipulate and analyse data and information responsibly.
- Follow risk management and compliance procedures.
- Keep up-to-date with developments in area of specialism.
- Communicate confidently in a clear, concise and articulate manner - verbally and in the materials I produce.
- Build and maintain an internal and external network.
- Seek opportunities to learn about how PwC works as a global network of firms.
- Uphold the firm's code of ethics and business conduct.
Job Requirements and Preferences:
Minimum Degree Required:
Minimum Years of Experience:
Preferred Fields of Study:
Computer and Information Science, Information Technology, Computer Applications, Computer Engineering, Information CyberSecurity
Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), Certified as GIAC Web Application Penetration Tester (GWAPT).
Demonstrates some abilities and/or a proven record of success in the following areas: - Performing penetration testing activities within a client’s environment, emphasizing manual stealthy testing techniques; - Executing stealthy penetration testing, advanced red team, or adversary simulation engagements using commercially / freely available offensive security tools and utilities built into operating systems; - Understanding Windows and Linux operating system setup, management, and power usage, e.g., cmd, bash, network troubleshooting, virtual machines; - Identifying security critical vulnerabilities without utilizing a vulnerability scanning tool, i.e., knowledge of exploitable vulnerabilities and ability to execute stealthy penetration testing engagements; - Compromising Active Directory environments and demonstrating business impact by identifying and obtaining access to business critical assets/information; - Performing social engineering / phishing activities such as reconnaissance of targets, developing phishing campaigns (e.g., emails and websites), developing malicious phishing payloads, or pivoting through phished systems; - Performing various workstreams for client engagements that emphasize identifying and addressing client needs; - Participating actively in client discussions and meetings; and, - Preparing concise and accurate documents, leveraging and utilizing MS Office and Google Docs to complete related project deliverables, as necessary.
For positions in Colorado, visit the following link for information related to Colorado's Equal Pay for Equal Work Act: https://pwc.to/coloradoadvisoryassociate.
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.242062