2 days old

Cybersecurity - Penetration Testing - Senior Associate

PwC
New York, NY 10016

A career in our Threat, Intelligence and Vulnerability Management practice, within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. Youll play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.Our team helps organisations to rapidly and effectively respond to threats against potential security incidents by helping to detect, respond to, investigate, and remediate threats across the incident management life cycle.


To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.


As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

  • Use feedback and reflection to develop self awareness, personal strengths and address development areas.
  • Delegate to others to provide stretch opportunities and coach to help deliver results.
  • Develop new ideas and propose innovative solutions to problems.
  • Use a broad range of tools and techniques to extract insights from from current trends in business area.
  • Review your work and that of others for quality, accuracy and relevance.
  • Share relevant thought leadership.
  • Use straightforward communication, in a structured way, when influencing others.
  • Able to read situations and modify behavior to build quality, diverse relationships.
  • Uphold the firm's code of ethics and business conduct.

Preferred skills

  • Job Requirements and Preferences:

    Basic Qualifications:

    Minimum Degree Required:
    Bachelor Degree

    Minimum Years of Experience:
    4 year(s)

    Preferred Qualifications:

    Degree Preferred:
    Bachelor Degree

    Preferred Fields of Study:
    Computer and Information Science, Information Technology, Computer Applications, Computer Engineering, Information CyberSecurity

    Certification(s) Preferred:
    Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), Certified as GIAC Web Application Penetration Tester (GWAPT).

    Preferred Knowledge/Skills:
    Demonstrates thorough knowledge and/or a proven record of success in the following areas: - Technical concepts such as application security, network segregation, access controls, IDS/IPS devices, physical security, and information security risk management; - Security testing tools, such as BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect, or other tools included within the Kali Linux distribution; - Networking protocols, TCP/IP stack, systems architecture, and operating systems; - Common programming and scripting languages, such as Python, PowerShell, Ruby, Perl, Bash, JavaScript, or VBScript; - Well-known Cybersecurity frameworks and industry-leading practices such as OWASP, NIST CSF, PCI DSS, and NY-DFS; and, - Traditional security operations, event monitoring, and Security Information and Event Management (SIEM) tools.

    Demonstrates thorough abilities and/or a proven record of success in the following areas: - Performing penetration testing activities within a clients environment, emphasizing manual stealthy testing techniques; - Executing stealthy penetration testing, advanced red team, or adversary simulation engagements using commercially / freely available offensive security tools and utilities built into operating systems; - Understanding Windows and Linux operating system setup, management, and power usage, e.g., cmd, bash, network troubleshooting, virtual machines; . - Identifying security critical vulnerabilities without utilizing a vulnerability scanning tool, i.e., knowledge of exploitable vulnerabilities and ability to execute stealthy penetration testing engagements; - Compromising Active Directory environments and demonstrating business impact by identifying and obtaining access to business critical assets/information; - Performing social engineering / phishing activities such as reconnaissance of targets, developing phishing campaigns (e.g., emails and websites), web hosting administrator, developing malicious phishing payloads, or pivoting through phished systems; - Participating actively in client discussions and meetings and communicating a broad range of potential add-on services based on identified weaknesses; - Managing engagements with junior staff; - Preparing concise and accurate documents, leveraging and utilizing MS Office and Google Docs to complete related project deliverables, as necessary; - Balancing project economics management with the occurrence of unanticipated issues. - Creating a positive environment by monitoring workloads of the team while meeting client expectations and respecting the work-life quality of team members; - Proactively seeking guidance, clarification, and feedback; and, - Keeping leadership informed of progress and issues.

All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.

Categories

Posted: 2020-01-19 Expires: 2020-02-19

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Cybersecurity - Penetration Testing - Senior Associate

PwC
New York, NY 10016

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast