• Job Description

  Req#: 646148WD

  Line of Service

  Advisory

  Industry/Sector

  Not Applicable

  Specialism

  Cybersecurity & Privacy

  Management Level

  Specialist

  Job Description & Summary

  At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.
  
  In digital forensics at PwC, you will focus on investigating and analysing digital evidence to uncover and prevent cybercrimes. You will use advanced technology and techniques to identify and mitigate digital threats, maintaining the security and integrity of digital systems.

  You are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt, take ownership and consistently deliver quality work that drives value for our clients and success as a team.

  Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

  • Apply a learning mindset and take ownership for your own development.
  • Appreciate diverse perspectives, needs, and feelings of others.
  • Adopt habits to sustain high performance and develop your potential.
  • Actively listen, ask questions to check understanding, and clearly express ideas.
  • Seek, reflect, act on, and give feedback.
  • Gather information from a range of sources to analyse facts and discern patterns.
  • Commit to understanding how the business works and building commercial awareness.
  • Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements.

  Responsibilities:

  Conduct cyber-attack simulations as part of the RED team activity

  Conduct Vulnerability Assessment and Penetration Testing and configuration review for network, web application , mobile application and thick -client application

  Conduct configuration reviews for OS , DB, Firewall, routers, Switches and other security devices/components

  Understands Software Development Life Cycle tier including SOAP, REST and GraphQL APIs

  Perform manual testing of web applications

  Conduct source-code review using automated and manual approaches

  Prepare detailed reports

  Ensure timely delivery of status updates and final reports to clients

  Handle Clients queries

  Keep oneself updated on the latest IT Security news ,exploits , hacks

  Prepare Threat Intelligence reports for newly discovered threat agents, exploits, attacks"

  Essential Skills:

  Thorough and practical knowledge of OWASP, network protocols, data on the wire, and covert channels

  Hands on experience with popular security tools – Nessus, Burpsuite , Netsparker , Metasploit, KALI Linux, Fortify, Checkmarx , SonarQube, Sypnosys

  Working knowledge of manual testing of web applications

  Good knowledge of modifying and compiling exploit code

  Good understanding and knowledge of codes languages

  Has practical experience in auditing various OS, DB, Network and Security technologies

  Strong understanding Unix/Linux/Mac/Windows, operating systems, including bash and Powershell

  Experience in at least three of the following:

  Set up and operate red team infrastructure

  Perform targeted, covert penetration tests with vulnerability identification, exploitation, and post-exploitation activities

  Email, phone, or physical social-engineering assessments

  Developing, extending, or modifying exploits, shellcode or exploit tools

  Reverse engineering malware, data obfuscators, or ciphers

  Strong credentials in wireless, web application, and network security testing

  Familiar with MITRE ATT&CK framework and D3FEND matrix"

  Educational Requirements & Experience

  Bachelors in Computer Science /IT/Electronics Engineering or equivalent University degree.

  Minimum of 3.5 -7 years of experience in the IT security industry, preferably working in a consulting or IT Services environment.

  Certifications: Offensive Security Certified Professional (OSCP), CREST CRT and GIAC Certified Web Application Defender (GWEB)"

  Additional Desired Skills

  Strong interpersonal, presentation and business communication skills.

  Ability to work with minimal levels of supervision or oversight.

  Adherence to security policies.

  Education (if blank, degree and/or field of study not specified)

  Degrees/Field of Study required:

  Degrees/Field of Study preferred:

  Certifications (if blank, certifications not specified)

  Required Skills

  Optional Skills

  Accepting Feedback, Active Listening, Communication, Computer Forensic Software, Cybersecurity Threat Mitigation, Cyber Threat Intelligence, Digital Forensics, Emotional Regulation, Empathy, EnCase (Investigation Software), Forensic Investigation, Fraud Detection, Fraud Investigation, Incident Investigation, Incident Remediation, Inclusion, Intellectual Curiosity, Intrusion Detection System (IDS), Optimism, Relativity E-Discovery, Teamwork, Vulnerability Assessment, Well Being

  Desired Languages (If blank, desired languages not specified)

  Travel Requirements

  Not Specified

  Available for Work Visa Sponsorship?

  No

  Government Clearance Required?

  Yes

  Job Posting End Date

• About the company

  PricewaterhouseCoopers is a multinational professional services network of firms headquartered in London, United Kingdom, operating as partnerships under the PwC brand.

Notice