Penetration Tester / Adversary Simulation Specialist

Job Description & Summary

About the Job

A career within Cybersecurity and Privacy services at PwC offers the opportunity to work on the frontlines of digital defense, helping clients identify vulnerabilities before adversaries do. As cyber threats become more sophisticated, adversary simulation and offensive security are essential to building resilient organizations.

We are growing our cybersecurity capabilities in the Baltics and are seeking a technically skilled and motivated Penetration Tester / Adversary Simulation Specialist to join our team. This role focuses on delivering offensive security engagements, both for local clients and in collaboration with PwC teams across the broader Central and Eastern Europe region.

As a Penetration Tester / Adversary Simulation Specialist, you will lead and support offensive security engagements including infrastructure, web application, and cloud penetration testing, as well as red and purple teaming initiatives. You will simulate real-world attack scenarios, identify exploitable weaknesses, and provide actionable guidance to clients seeking to strengthen their defenses. 

 

Main Responsibilities: 

• Conduct infrastructure, application, and cloud penetration tests using industry-standard tools and custom scripts. 

• Simulate advanced attack scenarios through red team or assumed breach exercises. 

• Develop and deliver clear, technically accurate findings and remediation guidance to both technical and executive stakeholders. 

• Collaborate with incident response, cloud security, and digital identity teams to integrate offensive insights into broader cyber programs. 

• Stay current on threat actor tactics, techniques, and procedures (TTPs) and continuously evolve testing approaches. 

• Contribute to development of internal toolkits, testing procedures, and service documentation. 

Requirements: 

• 3+ years of hands-on experience in penetration testing or offensive security roles. 

• Proficiency in using tools such as Burp Suite, Metasploit, Cobalt Strike, and scripting languages like Python or PowerShell. 

• Understanding of MITRE ATT&CK framework and red/purple team methodologies. 

• Relevant certifications such as OSCP, CRTP, OSCE, or similar are highly desirable. 

• Strong analytical, problem-solving, and communication skills; fluent English required. 

 

Why PwC? 

• Join a growing cybersecurity practice with strong ties to regional and global PwC networks. 

• Engage with diverse clients across the Baltics and internationally. 

• Take advantage of continuous learning opportunities and support for professional certifications. 

• Become part of our supportive, growth-oriented environment with flexible work arrangements. 

• Contribute to building a leading offensive security capability in the Baltics. 

 

Time to start: Autumn 2025