Cyber Associate
Makati - 29th Floor Philamlife Tower, Philippines
Line of Service
AdvisoryIndustry/Sector
Not ApplicableSpecialism
Cybersecurity & PrivacyManagement Level
SpecialistJob Description & Summary
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.In digital forensics at PwC, you will focus on investigating and analysing digital evidence to uncover and prevent cybercrimes. You will use advanced technology and techniques to identify and mitigate digital threats, maintaining the security and integrity of digital systems.
You are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt, take ownership and consistently deliver quality work that drives value for our clients and success as a team.
Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:
- Apply a learning mindset and take ownership for your own development.
- Appreciate diverse perspectives, needs, and feelings of others.
- Adopt habits to sustain high performance and develop your potential.
- Actively listen, ask questions to check understanding, and clearly express ideas.
- Seek, reflect, act on, and give feedback.
- Gather information from a range of sources to analyse facts and discern patterns.
- Commit to understanding how the business works and building commercial awareness.
- Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements.
Responsibilities:
Conduct cyber-attack simulations as part of the RED team activity
Conduct Vulnerability Assessment and Penetration Testing and configuration review for network, web application , mobile application and thick -client application
Conduct configuration reviews for OS , DB, Firewall, routers, Switches and other security devices/components
Understands Software Development Life Cycle tier including SOAP, REST and GraphQL APIs
Perform manual testing of web applications
Conduct source-code review using automated and manual approaches
Prepare detailed reports
Ensure timely delivery of status updates and final reports to clients
Handle Clients queries
Keep oneself updated on the latest IT Security news ,exploits, hacks
Prepare Threat Intelligence reports for newly discovered threat agents, exploits, attacks"
Essential Skills:
Thorough and practical knowledge of OWASP, network protocols, data on the wire, and covert channels
Hands on experience with popular security tools – Nessus, Burpsuite, Netsparker, Metasploit, KALI Linux, Fortify, Checkmarx, SonarQube, Sypnosys
Working knowledge of manual testing of web applications
Good knowledge of modifying and compiling exploit code
Good understanding and knowledge of codes languages
Has practical experience in auditing various OS, DB, Network and Security technologies
Strong understanding Unix/Linux/Mac/Windows, operating systems, including bash and Powershell
Experience in at least three of the following:
Set up and operate red team infrastructure
Perform targeted, covert penetration tests with vulnerability identification, exploitation, and post-exploitation activities
Email, phone, or physical social-engineering assessments
Developing, extending, or modifying exploits, shellcode or exploit tools
Reverse engineering malware, data obfuscators, or ciphers
Strong credentials in wireless, web application, and network security testing
Familiar with MITRE ATT&CK framework and D3FEND matrix"
Educational Requirements & Experience
Bachelors in Computer Science/IT/Electronics Engineering or equivalent University degree.
Minimum of 3.5 -7 years of experience in the IT security industry, preferably working in a consulting or IT Services environment.
Certifications: Offensive Security Certified Professional (OSCP), CREST CRT and GIAC Certified Web Application Defender (GWEB)"
Additional Desired Skills
Strong interpersonal, presentation and business communication skills.
Ability to work with minimal levels of supervision or oversight.
Adherence to security policies.
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Active Listening, Communication, Computer Forensic Software, Cybersecurity Threat Mitigation, Cyber Threat Intelligence, Digital Forensics, Emotional Regulation, Empathy, EnCase (Investigation Software), Forensic Investigation, Fraud Detection, Fraud Investigation, Incident Investigation, Incident Remediation, Inclusion, Intellectual Curiosity, Intrusion Detection System (IDS), Optimism, Relativity E-Discovery, Teamwork, Vulnerability Assessment, Well BeingDesired Languages (If blank, desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship?
NoGovernment Clearance Required?
YesJob Posting End Date
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Audits Bash Burp Suite Checkmarx Clearance Clearance Required Computer Science CREST EnCase Exploit Exploits Firewalls Forensics GIAC IDS Intrusion detection Kali Linux Malware Metasploit MITRE ATT&CK Nessus Network security Offensive security OSCP OWASP Pentesting PowerShell Privacy Red team Reverse engineering SDLC SonarQube Threat intelligence UNIX Vulnerabilities Windows
Perks/benefits: Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.