Cybersecurity, Privacy and Forensics - Cyber Penetration Testing (CPT2) - Senior Associate

Posted 3 Days Ago
Be an Early Applicant
New York, NY
84K-202K Annually
Mid level
Artificial Intelligence • Professional Services • Business Intelligence • Consulting • Cybersecurity • Generative AI
At PwC, our purpose is to build trust in society and solve important problems.
The Role
As a Senior Associate in the Cyber Penetration Testing team, you will solve complex data protection challenges by delivering threat actor simulation services, penetration tests, and device assessments, while enhancing client security controls and contributing to technical improvements within PwC.
Summary Generated by Built In

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe. The Cyber Penetration Testing (CPT2) team focuses on delivering threat actor simulation services, device or application assessments, and penetration tests. You will help clients understand the tangible risks they face from a variety of threat actors and what they target to include different postures, scenarios, or targeted assets. Working as a member of CPT2 also provides the opportunity to directly help clients enhance or tune their preventative, and detective controls on a proactive basis. Our team focuses on assessment and recommendation services that blend deep technical manual tradecraft with targeted automation to simulate real threats to a client's environments. As a part of this center of excellence, you will drive change at PwC's clients by providing risk outside of the theoretical while contributing to the technical acumen of the practice and amplifying your own personal capabilities.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

  • Use feedback and reflection to develop self awareness, personal strengths and address development areas.
  • Delegate to others to provide stretch opportunities and coach to help deliver results.
  • Develop new ideas and propose innovative solutions to problems.
  • Use a broad range of tools and techniques to extract insights from from current trends in business area.
  • Review your work and that of others for quality, accuracy and relevance.
  • Share relevant thought leadership.
  • Use straightforward communication, in a structured way, when influencing others.
  • Able to read situations and modify behavior to build quality, diverse relationships.
  • Uphold the firm's code of ethics and business conduct.


Job Requirements and Preferences:
Basic Qualifications:
Minimum Degree Required:
Bachelor's Degree
Minimum Year(s) of Experience:
3 year(s)
Preferred Qualifications:
Preferred Fields of Study:
Computer and Information Science,Computer Applications,Computer Engineering,Information CyberSecurity,Information Technology,Management Information Systems
Certification(s) Preferred:
Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), Certified as GIAC Web Application Penetration Tester (GWAPT)
Preferred Knowledge/Skills:
Demonstrates thorough knowledge and/or a proven record of success in the following areas:

  • Technical concepts such as application security, network segregation, access controls, IDS/IPS devices, physical security, and information security risk management;
  • Security testing tools, such as BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect, or other tools included within the Kali Linux distribution;
  • Networking protocols, TCP/IP stack, systems architecture, and operating systems;
  • Common programming and scripting languages, such as Python, PowerShell, Ruby, Perl, Bash, JavaScript, or VBScript;
  • Cybersecurity frameworks and industry-leading practices such as OWASP, NIST CSF, PCI DSS, and NY-DFS; and,
  • Traditional security operations, event monitoring, and Security Information and Event Management (SIEM) tools.Demonstrates thorough abilities and/or a proven record of success in the following areas:
  • Performing penetration testing activities within a client's environment, emphasizing manual stealthy testing techniques;
  • Executing stealthy penetration testing, advanced red team, or adversary simulation engagements using commercially / freely available offensive security tools and utilities built into operating systems;
  • Understanding Windows and Linux operating system setup, management, and power usage, e.g., cmd, bash, network troubleshooting, virtual machines;
  • Identifying security critical vulnerabilities without utilizing a vulnerability scanning tool, i.e., knowledge of exploitable vulnerabilities and ability to execute stealthy penetration testing engagements;
  • Compromising Active Directory environments and demonstrating business impact by identifying and obtaining access to business critical assets/information;
  • Performing social engineering / phishing activities such as reconnaissance of targets, developing phishing campaigns (e.g., emails and websites), web hosting administrator, developing malicious phishing payloads, or pivoting through phished systems;
  • Participating actively in client discussions and meetings and communicating a broad range of potential add-on services based on identified weaknesses;
  • Managing engagements with junior staff;
  • Preparing accurate documents, leveraging and utilizing MS Office and Google Docs to complete related project deliverables, as necessary;
  • Balancing project economics management with the occurrence of unanticipated issues;
  • Creating a positive environment by monitoring workloads of the team while meeting client expectations and respecting the work-life quality of team members;
  • Proactively seeking guidance, clarification, and feedback; and,
  • Keeping leadership informed of progress and issues.


Learn more about how we work: https://pwc.to/how-we-work
PwC does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: https://pwc.to/H-1B-Lottery-Policy.
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
The salary range for this position is: $84,000 - $202,000, plus individuals may be eligible for an annual discretionary bonus. For roles that are based in Maryland, this is the listed salary range for this position. Actual compensation within the range will be dependent upon the individual's skills, experience, qualifications and location, and applicable employment laws. PwC offers a wide range of benefits, including medical, dental, vision, 401k, holiday pay, vacation and more. To view our benefits at a glance, please visit the following link: https://pwc.to/benefits-at-a-glance

Top Skills

Cybersecurity

What the Team is Saying

Art
Brandon
Nishana
The Company
New York, NY
364,000 Employees
Hybrid Workplace
Year Founded: 1998

What We Do

We’re inspiring and empowering our people to change the world. Powered by the technology of today, you’ll work with diverse teams to build trust and create new client solutions in unexpected ways. The only way we can tackle the challenges of a fast-changing world is with people like you. Be a part of The New Equation.

Why Work With Us

Although we come from different backgrounds and cultures across the firm, our values are what we have in common. They capture our shared aspirations and expectations, and guide how we make decisions and treat others. We care for our people and are committed to inclusion, understanding and respect for all.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

PwC Teams

Team
Cloud and Digital Teams
Team
Strategic Alliances Teams
Team
Oracle Teams
About our Teams

PwC Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Flexible
New York, NY

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account