IN-Senior Associate VAPT Security Testing Advisory Chennai

Line of Service

Advisory

Industry/Sector

FS X-Sector

Specialism

Operations

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

Those in information security at PwC will focus on protecting sensitive data and systems from cyber threats through risk assessments, security audits, and implementing robust security measures. Your work will help enable the confidentiality, integrity, and availability of information assets for clients.

*Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Job Description & Summary:

In-depth knowledge and hands-on experience in VAPT , including: Web Application Vulnerability Assessment & Penetration Testing, Mobile Application Vulnerability Assessment & Penetration Testing , API and Network Penetration Testing.

Responsibilities:

· Plan, coordinate, and execute Vulnerability Assessment and Penetration Testing (VAPT) activities to identify and remediate security vulnerabilities.

· Utilize your comprehensive understanding of OWASP Top Ten and SANS 25 vulnerabilities to prioritize testing efforts and focus on high-risk areas within applications.

· Conduct hands-on security testing of API, mobile applications, web applications, and Infra to identify security vulnerabilities and recommend mitigation strategies.

· Document vulnerabilities, findings, and recommendations in detailed reports. Present results to stakeholders, including senior management and technical teams.

· Stay informed about emerging security threats, vulnerabilities, and trends in the financial sector to proactively enhance security controls and defenses.

Mandatory skill sets:

· In-depth knowledge of security issues, exploitation techniques and remediation measures.

· Hands-on Experience in Vulnerability Assessments & Penetration Testing (Automated + Manual) on business critical assets ( IP,Web,Mobile,API and AWS)

· Hands-on experience with well-known security tools BurpSuite, Nessus, Nmap, Accunetix, Metasploit Netsparker, Qualys etc

· Understanding of web application security vulnerabilities (OWASP Top 10), including XSS, SQL injection, CSRF, and others.

· Strong knowledge of network security concepts, firewalls, VPNs, IDS/IPS, and TCP/IP protocols.

· Familiarity with mobile security vulnerabilities in iOS and Android platforms, including reverse engineering, mobile app testing, and OWASP Mobile Security Project.

· Strong written and verbal communication skills for delivering clear, concise security reports and presenting findings to stakeholders.

Preferred skill sets: · Strong organizational, teamwork, multitasking & time management skills. · Outstanding communication abilities. Ability to effectively communicate the required recommendations. · Certifications Preferred: CEH/ OSWE / OSCP / OSCE

Years of experience required: · 4+ Years

Education qualification: · Minimum Qualification: BE/ BTech

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of Engineering

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Teamwork Communication

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Embracing Change, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure {+ 11 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date