Cyber Associate

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Specialist

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

In digital forensics at PwC, you will focus on investigating and analysing digital evidence to uncover and prevent cybercrimes. You will use advanced technology and techniques to identify and mitigate digital threats, maintaining the security and integrity of digital systems.

You are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt, take ownership and consistently deliver quality work that drives value for our clients and success as a team.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Apply a learning mindset and take ownership for your own development.
• Appreciate diverse perspectives, needs, and feelings of others.
• Adopt habits to sustain high performance and develop your potential.
• Actively listen, ask questions to check understanding, and clearly express ideas.
• Seek, reflect, act on, and give feedback.
• Gather information from a range of sources to analyse facts and discern patterns.
• Commit to understanding how the business works and building commercial awareness.
• Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements.

Responsibilities: 

 

Conduct cyber-attack simulations as part of the RED team activity 

Conduct Vulnerability Assessment and Penetration Testing and configuration review for network, web application , mobile application and thick -client application 

Conduct configuration reviews for OS , DB, Firewall, routers, Switches and other security devices/components 

Understands Software Development Life Cycle tier including SOAP, REST and GraphQL APIs 

Perform manual testing of web applications 

Conduct source-code review using automated and manual approaches 

Prepare detailed reports 

Ensure timely delivery of status updates and final reports to clients 

Handle Clients queries 

Keep oneself updated on the latest IT Security news ,exploits, hacks 

Prepare Threat Intelligence reports for newly discovered threat agents, exploits, attacks" 

 

Essential Skills: 

 

Thorough and practical knowledge of OWASP, network protocols, data on the wire, and covert channels 

Hands on experience with popular security tools – Nessus, Burpsuite, Netsparker, Metasploit, KALI Linux, Fortify, Checkmarx, SonarQube, Sypnosys  

Working knowledge of manual testing of web applications 

Good knowledge of modifying and compiling exploit code 

Good understanding and knowledge of codes languages 

Has practical experience in auditing various OS, DB, Network and Security technologies 

Strong understanding Unix/Linux/Mac/Windows, operating systems, including bash and Powershell 

 

Experience in at least three of the following: 

Set up and operate red team infrastructure 

Perform targeted, covert penetration tests with vulnerability identification, exploitation, and post-exploitation activities 

Email, phone, or physical social-engineering assessments 

Developing, extending, or modifying exploits, shellcode or exploit tools 

Reverse engineering malware, data obfuscators, or ciphers 

Strong credentials in wireless, web application, and network security testing 

Familiar with MITRE ATT&CK framework and D3FEND matrix" 

 

 Educational Requirements & Experience 

 

Bachelors in Computer Science/IT/Electronics Engineering or equivalent University degree. 

Minimum of 3.5 -7 years of experience in the IT security industry, preferably working in a consulting or IT Services environment. 

Certifications: Offensive Security Certified Professional (OSCP), CREST CRT and GIAC Certified Web Application Defender (GWEB)" 

 

Additional Desired Skills 

 

Strong interpersonal, presentation and business communication skills. 

Ability to work with minimal levels of supervision or oversight. 

Adherence to security policies. 

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Active Listening, Communication, Computer Forensic Software, Cybersecurity Threat Mitigation, Cyber Threat Intelligence, Digital Forensics, Emotional Regulation, Empathy, EnCase (Investigation Software), Forensic Investigation, Fraud Detection, Fraud Investigation, Incident Investigation, Incident Remediation, Inclusion, Intellectual Curiosity, Intrusion Detection System (IDS), Optimism, Relativity E-Discovery, Teamwork, Vulnerability Assessment, Well Being

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

Yes

Job Posting End Date