Penetration Testing Senior Associate

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Technology Strategy

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

Those in penetration testing at PwC will focus on penetration testing (or pen testing) which is a security exercise where a cybersecurity consultant attempts to find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to identify any weak spots in a system's defences which attackers could take advantage of.

Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Degree in Cyber Security or other related disciplines e.g., Computer Science / Systems from a HEC recognized university

• Up to 3 years of relevant experience in cybersecurity, preferably in vulnerability assessment, penetration testing, or a related domain.

• Basic understanding of networking concepts, protocols, and architectures (TCP/IP, HTTP, DNS, etc.).

• Familiarity with operating systems such as Windows, Linux, and Unix.

• Exposure to common security tools such as Burp Suite, Nessus, Nmap, Metasploit, OWASP ZAP, or similar tools is preferred but not mandatory.

• Flexible in assessing different platforms such as PHP, ASP, NodeJS, and Java.

• Excellent understanding of OWASP TOP 10 and SANS TOP 20. 

• Stay current on emerging technology trends and threat landscape

Additional / great to have:

• Having practical cyber security certifications such as CEH, eCCPT, eJPT eWAPT, OSCP, OSCE

• Experience of bug bounty programs, security research, red team and adversary.

• Prepare clear technical documentation and present findings/recommendations to stakeholders.

• Proven experience working in a client-facing, consulting, or project-based environment is an advantage.

• Strong analytical and problem-solving skills.

PwC A.F. Ferguson & Co. is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Bash (Programming Language), Common Vulnerability Scoring System (CVSS), Communication, Creativity, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Encryption, Ethical Hacking, Firewall (Network Security), Inclusion, Information Security, Information Security Management System (ISMS), Information Security Risk Assessments, Intellectual Curiosity, Intrusion Detection System (IDS), IT Infrastructure, Kali Linux, Learning Agility, Microsoft Active Directory {+ 25 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

0%

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date