Risk Services, Technology Risk Services - Penetration Testing / Red Team, Senior Associate / Assistant Manager
Singapore - Marina One
PwC
We are a community of solvers combining human ingenuity, experience and technology innovation to help organisations build trust and deliver sustained outcomes.Line of Service
AssuranceIndustry/Sector
TMT X-SectorSpecialism
Cybersecurity & PrivacyManagement Level
Senior AssociateJob Description & Summary
We believe that challenges are best solved together. That’s why, when you join us, you become part of a diverse and global community of problem-solvers. You'll find an unexpected mix of people who bring their unique expertise to build trust in society and tackle important issues. Here, we welcome and encourage you to lead with value and inspiration, question and challenge assumptions, as well as embrace new opportunities to deliver quality outcomes in exciting and unexpected ways, all with the support of technology.A career in our Risk Services, within Information Technology Risk Services, will allow you to develop and apply strategies that help clients leverage enterprise technologies so they can get a higher return on their investment, mitigate risks, streamline processes, and find operational inefficiencies. We assist clients in understanding and challenging their current risk profiles and develop strategies to build digital confidence by embracing opportunities to stay competitive through building trust and resilience into their technology systems. We cover a wide range of disciplines, including risk evaluation, operational and strategic Information Technology processes, project governance, application implementation, data integrity, cyber security, and accounting/audit.
Our team helps organisations analyses and assess the security environment and application of our client’s information technology systems. You’ll help develop strategies to increase the reliability of system outputs, enhancing systems security and integrity, and developing strategies for ongoing maintenance. Together we can build trust in society and solve important problems.
As our Senior Red Team consultant, you are tasked to deliver security consultancy and assessment services to our clients to improve their cyber resilience.
- Simulating cyber targeted attacks using hackers’ techniques, tactics and procedures on clients’ environment.
- Working with clients and PwC’s threat intelligence team and clients to identify red team objectives, goals and scenarios
- Conducting vulnerability assessment and penetration testing (VAPT) and source code review when required
- Prepare a report on identified security vulnerabilities, attack paths and possible recommendations to remediate the vulnerabilities.
- Researching new hacking techniques, end point security evasion, exfiltration techniques
- Remain up to date on the latest cyber security threats and trends.
- Interface with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
Requirements
- Bachelor’s degree in a technical discipline (or equivalent work experience)
- Certs like OSCP, CREST CRT / CCT
- Minimum of 3 years of relevant hi-tech experience, preferably in consulting environment
- Ability to document and explain technical details in a concise, understandable manner
- Have strong interest in studying hackers as well as their techniques, tactics and procedures
Experience in at least three of the following:
- Set up and operate red team infrastructure
- Perform targeted, covert penetration tests with vulnerability identification, exploitation, and post-exploitation activities
- Email, phone, or physical social-engineering assessments
- Shell scripting or automation of simple tasks using Perl, Python, or Ruby
- Developing, extending, or modifying exploits, shellcode or exploit tools
- Reverse engineering malware, data obfuscators, or ciphers
- Strong credentials in wireless, web application, and network security testing
- Thorough understanding of network protocols, data on the wire, and covert channels
As the team experience high volume of applications, we regret to inform that only shortlisted candidates will be notified.
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Bash (Programming Language), Common Vulnerability Scoring System (CVSS), Communication, Creativity, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Encryption, Ethical Hacking, Firewall (Network Security), Inclusion, Information Security, Information Security Management System (ISMS), Information Security Risk Assessments, Intellectual Curiosity, Intrusion Detection System (IDS), IT Infrastructure, Kali Linux, Learning Agility, Microsoft Active Directory {+ 25 more}Desired Languages (If blank, desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship?
YesGovernment Clearance Required?
NoJob Posting End Date
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory Automation Bash Clearance Clearance Required CREST CVSS Encryption Ethical hacking Exploit Exploits Firewalls Governance IDS Intrusion detection ISMS IT infrastructure Kali Linux Malware Network security OSCP Pentesting Perl Privacy Python Red team Reverse engineering Risk assessment Ruby Scripting Threat intelligence Vulnerabilities
Perks/benefits: Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.