Experienced Associate Cyber Security

Work set-up: 
Full Remote
Contract: 
Experience: 
Entry-level / graduate
Work from: 

Offer summary

Qualifications:

Experience in penetration testing, red teaming, or secure source-code review., Knowledge of web and mobile application vulnerabilities and security testing., Relevant industry certifications such as OSCP, OSWE, or equivalent., Degree in a related field or equivalent practical experience..

Key responsibilities:

  • Conduct cybersecurity assessments including penetration testing of web and mobile applications.
  • Perform network vulnerability assessments and evaluate cybersecurity controls.
  • Engage in red teaming and cyber-attack simulations to test client security strategies.
  • Review source code to identify vulnerabilities and logical errors.

PwC Ireland logo
PwC Ireland https://www.pwc.ie
1001 - 5000 Employees
See all jobs

Job description

Line of Service

Assurance

IndustrySector

Not Applicable

Specialism

Conduct and Compliance

Management Level

Associate

Job Description & Summary

We are PwC, a global professional services company and a Big Four firm. We are seeking candidates who have experience in penetration testing, red teaming or secure sourcecode reviewdevelopment for the role of Associate ConsultantPenetration Tester within the Cybersecurity and Privacy team. The role may be based at either our Hanoi office or Ho Chi Minh City office. Joining PwC, the successful candidate will have opportunities to collaborate with cybersecurity experts throughout the PwC global network and deliver cybersecurity services for clients in various sectors.

Work in a highly innovative and transformative business

Worklife balance with access to flexible work arrangements

Salary packaging – to suit your personal and financial circumstances

Professional certification sponsorship – to develop your talent and enhance knowledge

What will your typical day look like?

Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on nextgeneration, cuttingedge products and services that deliver outstanding value and that are global in vision and scope? Work with other experts in your field? Work for a worldclass organisation that provides an exceptional career experience with an inclusive and collaborative culture?

Responsibilities:

  • Conduct cybersecurity assessments, covering web application and mobile application penetration testing in accordance with OWASP Top 10 and CWE Top 25

      • Conduct internalexternal network penetration testing to assess clients network security risks and evaluate clients cybersecurity controls

          • Perform network vulnerability assessments to identify potential issues against network access controls and network segmentation

              • Engage in red teaming engagement projects and cyberattack simulation testing to assess clients cybersecurity strategies

                  • Engage source code reviews to identify potential logical errors in program flows, misconfigurations, and exploitable vulnerabilities in applications

                      • Research, collect and analyse cyber threat intelligence from threat actors

                          • Work actively in supporting and following up on proposal processing in accordance with client expectations on a crossborder and global multinational basis

                              • Continuously research and follow up on the latest IT security challenges and technologies (mobile, digital trust, IoT, cloud, blockchain etc.)

                                • You are someone with:

                                  • Experience in web application development and software engineering

                                      • Knowledge of common infrastructure and web application vulnerabilities and common vulnerability categorisations such as OWASP, CVSS

                                          • Experience in security testing, including application testing, penetration testing, and vulnerability assessment

                                              • Experience in implementing network systems and deep understanding of common misconfigurations leading to security vulnerabilities in network systems

                                                  • Ability to work under pressure and deliver quality work in tight timelines

                                                      • Demonstrated experience of working with diverse stakeholders

                                                          • Good communication and interpersonal skills

                                                              • Willingness to take on new challenges, gain new skills and work collaboratively in a dynamic and rapidly growing team

                                                                  • Training on selfdevelopment platforms (TryHackMe, HackTheBox, PentesterLabs, PortSwigger Web Security Academy, etc.)

                                                                    • Preferred:

                                                                      • Thorough understanding of common software security vulnerabilities (CWE Top 25 Most Dangerous Software Weaknesses)

                                                                          • Experience of conducting red teaming engagements and cyberattack simulation testing

                                                                              • Demonstrated knowledge of penetration testing across several domains such as cloud and container security, applied cryptography, networks infrastructure, etc.

                                                                                  • Knowledge of developing hacking scriptstools

                                                                                      • Knowledge of secure development andor DevSecOps experience, including experience in securing code before deployment, code review, and vulnerability and dependency management

                                                                                          • Experience in bug bounty programs or CVE hunting is an advantage

                                                                                              • Preference will be given to candidates who hold one of the following industry certifications: OSCP, OSWA, eWPT, eCPPT, CRTP, PNPT, CREST CRTCCT, or equivalent

                                                                                                  • Preference will be given to candidates who hold relevant cloud certifications: AWS, Azure, GCP

                                                                                                      • Strong preference will be given to candidates who hold one of the following industry certifications: OSWE, OSEP, OSCE, CRTO, CRTE, eCPTX, eWPTX, SANS

                                                                                                        • Education (if blank, degree andor field of study not specified)

                                                                                                          DegreesField of Study required:

                                                                                                          DegreesField of Study preferred:

                                                                                                          Certifications (if blank, certifications not specified)

                                                                                                          Required Skills

                                                                                                          Optional Skills

                                                                                                          Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more}

                                                                                                          Desired Languages (If blank, desired languages not specified)

                                                                                                          Travel Requirements

                                                                                                          Available for Work Visa Sponsorship?

                                                                                                          Government Clearance Required?

                                                                                                          Job Posting End Date

Required profile

Experience

Level of experience: Entry-level / graduate
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Social Skills
  • Teamwork
  • Communication
  • Problem Solving

Cybersecurity Engineer Related jobs