CDE-Cyber Security- Penetration Testing-Senior Associate - Bangalore

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Job Description & Summary

A career in our Cybersecurity Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs data analytics innovation deals cyber resilency response and technical implementation activities. You will have access to not only the top Cybersecurity Privacy and Forensics professionals at PwC but at our clients and industry analysts across the globe.

The Cyber Penetration Testing (CPT2 team focuses on delivering threat actor simulation services device or application assessments and penetration tests. You will help clients understand the tangible risks they face from a variety of threat actors and what they target to include different postures scenarios or targeted assets. Working as a member of CPT2 also provides the opportunity to directly help clients enhance or tune their preventative and detective controls on a proactive basis.

Our team focuses on assessment and recommendation services that blend deep technical manual tradecraft with targeted automation to simulate real threats to a clients environments. As a part of this center of excellence you will drive change at PwCs clients by providing risk outside of the theoretical while contributing to the technical acumen of the practice and amplifying your own personal capabilities.

To really stand out and make us fit for the future in a constantly changing world each and every one of us at PwC needs to be an authentic and inclusive leader at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines geographies and career paths and provides transparency on the skills we need as individuals to be successful and progress in our careers now and in the future.

As a Senior Associate youll work as part of a team of problem solvers helping to solve complex business issues from strategy to . PwC Professional skills and responsibilities for this management level include but are not limited to:

• Use feedback and reflection to develop self awareness personal strengths and address development areas.
• Delegate to others to provide stretch opportunities and coach to help deliver results.
• Develop new ideas and propose innovative solutions to problems.
• Use a broad range of tools and techniques to extract insights from from current trends in business area.
• Review your work and that of others for quality accuracy and relevance.
• Share relevant thought leadership.
• Use straightforward communication in a structured way when influencing others.
• Able to read situations and modify behavior to build quality diverse relationships.
• Uphold the firms code of ethics and business conduct.

Job Description Senior Associate Cybersecurity (Penetration Testing)

Role: Penetration Testing Senior Associate

Years of Experience: 4 to 8 years

Minimum Degree Required:Bachelors or masters degree in Computer Science/Communications or related field from reputed Indian universities

Certification(s) Preferred:Offensive Security Certified Professional (OSCP) GIAC Penetration Tester (GPEN) Certified as GIAC Web Application Penetration Tester (GWAPT).

Required Experience:

• 48 years of industry experience in Web and Mobile Application security assessment
• Familiarity with application security guidelines/requirements fromOWASP OSSTMMNIST CSF
• Experience in security assessment activities within a clients environment emphasizing manual stealthy testing techniques using commercially / freely available offensive security tools and utilities built into operating systems
• Hands on experience on security testing tools such as Burp SuiteMimikatz Cobalt StrikePowerSploit Metasploit Nessus Web Inspect or other tools included within the Kali Linux distribution
• Should have common programming and scripting skills such as Python PowerShell Ruby Perl Bash JavaScript or VBScript
• Must have indepth knowledge of modern web and mobile applications
• Good knowledge of security fundamentals Networking protocols TCP/IP stack systems architecture and operating systems
• Good understanding of cloud technologies and its security best practices

Additional Qualifications:

• Good to have experience in presenting at national and international security conferences/events

Required Communication Presentations and General skills:

• Excellent communication skills and executive presence that enable effective engagement with senior stakeholders
• Excellent written skills ability to interpret a security scenario & document a summary
• Participating actively in client discussions and meetings and communicating a broad range of potential addon services based on identified weaknesses
• Demonstrates proven extensive abilities with leveraging creative thinking and problemsolving skills individual initiative
• Communicating in an organized and knowledgeable manner in written and verbal formats including delivering clear requests for information and communicating potential conflicts
• Must communicate consistently and drive objectives relying on factbased decisions about risk that optimize the tradeoff between risk mitigation and business performance
• Good presentation project management facilitation and delivery skills as well as strong analytical and problemsolving capabilities
• Develop/Implement automation solutions and capabilities that are clearly aligned to client business technology and threat posture
• Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that theyre adequately addressed in clients security strategy plans and architecture artifacts

Professional and Educational Background

Bachelors Degree Preferred.

Education (if blank degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank certifications not specified)

Required Skills

Optional Skills

Accepting Feedback Accepting Feedback Active Listening Analytical Thinking Bash (Programming Language) Common Vulnerability Scoring System (CVSS) Communication Creativity Cybersecurity Embracing Change Emotional Regulation Empathy Encryption Ethical Hacking Firewall (Network Security) Inclusion Information Security Information Security Management System (ISMS) Information Security Risk Assessments Intellectual Curiosity Intrusion Detection System (IDS) IT Infrastructure Kali Linux Learning Agility Microsoft Active Directory 25 more

Desired Languages (If blank desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship

No

Government Clearance Required

No

Job Posting End Date