Risk Services, Manager Assistant Manager Offensive Security (Security Testing Delivery & Business Development)

PricewaterhouseCoopers

Job Location:

Singapore - Singapore

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Line of Service

Assurance

Industry/Sector

TMT X-Sector

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Job Description & Summary

At PwC we help clients build trust and reinvent so they can turn complexity into competitive advantage. Were a tech-forward people-empowered network with more than 370000 people in 149 countries. Across audit and assurance tax and legal deals and consulting we help clients build accelerate and sustain momentum. Find out more at .

We are looking for an experienced offensive security professional to take on a leadership role in delivering end-to-endSecurity Testingengagements(VAPTHCRandSCRetc.)while actively contributing to business development efforts.The ideal candidate combines strong technical expertise in security assessments with proven project management capabilities and a commercial mindset.This role sits within our Risk and Security Controls practice where the team helps organizations analyze and strengthen the security posture of their information technology systems and environments.

Key Responsibilities

A. End-to-EndSecurity TestingProject Management & Delivery

Own and manageSecurity Testingengagements end-to-endfrom scoping scheduling resource allocation execution quality review reporting and closure within strict time-sensitive deadlines.

Manage multiple concurrent projects simultaneously ensuring adherence to SLAs timelines and quality benchmarks.

Develop andmaintainproject plans trackers and status dashboardsfor all active engagements.

Coordinate with internal teams(consultants QA reviewers threat intelligence) to ensuretimelydelivery and consistent output quality.

Conduct kick-off calls weekly status reviews and post-engagement debriefswith clients.

Proactivelyidentifyproject risks and delays escalate where needed and drive resolution to keep engagements on track.

Ensure all deliverables(reports presentations remediation guidance) undergo quality review before client submission.

Define and continuously improveSecurity Testingdelivery processes templates checklists and methodologies for operational efficiency.

B. Technical Delivery & Consultancy

Conduct vulnerability assessments and penetration testing (VAPT) across networks web applications mobile applications APIs cloud environments and infrastructure.

Perform source code reviews when.

Collaborate with clients and the threat intelligence team to define assessmentobjectives goals scope and scenarios.

Simulate cyber-targeted attacks using adversary techniques tactics and procedures (TTPs) on client environments where red team engagements are.

Prepare detailed reports onidentifiedsecurity vulnerabilities attack paths and actionable remediation recommendations.

Develop comprehensive andaccuratereports and presentations forbothtechnical and executive audiences.

Stay up to date on the latest cybersecurity threats attack techniques and industry trends.

Interface with clients to address concerns issues or escalations; track and drive to closure any issues that impact service delivery and client satisfaction.

C. Business Development (BD) & Pre-Sales

Support pre-sales activities-participatein client pitches RFP/RFI responses and proposal development for VAPT and security assessment services.

Contribute to revenue targetsbyidentifyingupsell and cross-sell opportunities within existing client accounts.

Build and nurture long-term client relationshipsto drive repeat business and strategic partnerships.

Develop service offerings capability decks and case studiesto support the BD pipeline.

Represent the organizationat industry events webinars and conferences to build brand visibility and generate leads.

D. People & Team Management

Mentor guide and review the work of junior consultants and analysts.

Support hiring onboarding and skill development within the offensive security team.

Foster a culture of quality accountability and continuous learning.

Requirements & QualificationsEducation

Bachelors degree in ComputerEngineering/Science Information Security or a related technical discipline (or equivalent work experience).

Experience

Minimum5-8 yearsof relevant experience in offensive security /Security Testing preferably in aconsulting or professional services environment.

Proventrack recordof managing multipleSecurity Testingprojects simultaneouslywith tight time-sensitive deadlines.

Hands-on experience inend-to-end engagement delivery-scoping execution reporting and closure.

Demonstrated experience inpre-sales proposal writing or business developmentin cybersecurity services.

Experience witheffort estimation scoping and pricingof security assessment engagements.

Certifications(Required-must have at minimum)

CREST CRT

Certifications (Preferred / Nice-to-Have)

OSCP (Offensive Security Certified Professional)

CREST CCT

GPEN GWAPT or equivalent

OSWE OSED CRTO CRTP

PMP / PRINCE2 or equivalent project management certification

CEH (as a baseline)

Technical Skills & Experience

Experience inat least fourof the following:

Performing targeted penetration tests including vulnerability identification exploitation and post-exploitation across networks web apps APIs mobile and cloud.

Strong credentials inwireless web application and network security testing.

Setting up andoperatingred team / penetration testing infrastructure.

Shell scripting or automation of tasks usingPython Perl Bash Ruby or PowerShell.

Thorough understanding ofnetwork protocols data on the wire and covert channels.

Strong understanding ofUnix/Linux/Mac/Windows operating systems.

Familiarity withcloud security assessments(AWS Azure GCP).

Experience withcompliance-driven VAPTaligned to frameworks such as PCI-DSS ISO 27001 NIST SOC 2 HIPAA etc.

Soft Skills & Competencies

Excellent stakeholder managementand client-facing communication skills.

Ability to document and explain technical details in aconcise understandable mannerto both technical and non-technical audiences.

Strongorganizational and multitaskingabilities-comfortable managing competing priorities under pressure.

Commercial awareness and aresults-driven mindsetfor BD contributions.

Proficiencywithproject management.

Leadership qualities-ability tomotivate teams and drive accountability.

As the teamexperiencehigh volume of applications we regret toinformthat only shortlisted candidates will be notified.

Education (if blank degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank certifications not specified)

Required Skills

Optional Skills

Accepting Feedback Accepting Feedback Active Listening Analytical Thinking Bash (Programming Language) Common Vulnerability Scoring System (CVSS) Communication Creativity Cybersecurity Embracing Change Emotional Regulation Empathy Encryption Ethical Hacking Firewall (Network Security) Inclusion Information Security Information Security Management System (ISMS) Information Security Risk Assessments Intellectual Curiosity Intrusion Detection System (IDS) IT Infrastructure Kali Linux Learning Agility Microsoft Active Directory 25 more

Desired Languages (If blank desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship

Yes

Government Clearance Required

Job Posting End Date

Required Experience:

Manager

Line of ServiceAssuranceIndustry/SectorTMT X-SectorSpecialismCybersecurity & PrivacyManagement LevelSenior AssociateJob Description & SummaryAt PwC we help clients build trust and reinvent so they can turn complexity into competitive advantage. Were a tech-forward people-empowered network with more ...