PwC Penetration Testing Manager in New York, New York

PwC/LOS Overview

PwC is a network of firms committed to delivering quality in assurance, tax and advisory services.

We help resolve complex issues for our clients and identify opportunities. Learn more about us at

At PwC, we develop leaders at all levels. The distinctive leadership framework we call the PwC Professional ( provides our people with a road map to grow their skills and build their careers. Our approach to ongoing development shapes employees into leaders, no matter the role or job title.

Are you ready to build a career in a rapidly changing world? Developing as a PwC Professional means that you will be ready

  • to create and capture opportunities to advance your career and fulfill your potential. To learn more, visit us at

It takes talented people to support the US firm of the largest professional services organization in the world. Not all of us work directly with external clients. Some of our best people choose to apply their talents inside PwC.

As part of Internal Firm Services, you're serving an organization on par with many of our external clients. Our Internal Firm Services team consists of first-rate marketers, human resource professionals, computer technologists, knowledge managers, accountants, financial planners, administrators and leaders. Internal Firm Services staff are the people who make it work for the people who make it work for our clients.

Job Description

Network Information Security organization is tasked with designing, implementing and maintaining information security capabilities and services for the PwC Network of member firms. The organization consists of highly skilled information security professionals across the globe that are focused on developing a leading security program across the Network of Firms, to foster clients’ trust in our ability to secure their most sensitive data, to better position PwC to address clients’ evolving needs and to harmonize the internal firm security strategy with client services go-to-market strategy. The group is leading PwC's Network Security Transformation Programme, which is a multi-year programme to enhance existing capabilities and build new capabilities to combat the ever more complex cyber threats.

Security Architecture, Engineering and Innovation designs and builds security technology capabilities across the PwC Network of Firms. They provide information security architecture standards, support PwC IT programmes, identify and pilot innovative security technologies and implement security tools to address risks and IT security painpoints.

The Application Security team secures PwC's information assets.

They sponsor the deployment of tools and processes to evaluate threat vulnerability in PwC applications.

Position/Program Requirements

Minimum Year(s) of Experience: 4

Minimum Degree Required: High School Diploma or GED

Degree Preferred: Bachelor's degree

Certification(s) Preferred: CISSP, CISM, CISA, CCIE, CCNA, CCNP and CCSA

Knowledge Preferred:

Demonstrates extensive knowledge and/or a proven record of success in the following areas:

  • Application security solutions and Web hosting architecture and principles;

  • Common networking protocols and services and their relevant security issues;

  • Risk assessment/acceptance factors that can affect business and security decisions; and,

  • Business processes and drivers that can affect system design.

Skills Preferred:

Demonstrates extensive abilities and/or a proven record of success in the following areas:

  • Analyzing application security vulnerability and executing process.

Reviews vendor processes using application threat vulnerability tools, scanning techniques and/or code review results;

-Using assessments of vulnerabilities and sources of threats and current security guidance;

-Collaborating with teams to identify opportunities and provide recommendations on how application security can be built into project development;

  • Interacting with project management team members and vendors on application projects;

-Reviewing application threat vulnerability assessments on application development projects;

-Implementing strategy for application threat vulnerability review and remediation;

  • Identifying and documenting complex business cases to assist in gaining internal support to implement security solutions; and,

  • Monitoring vendor application development processes.

All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law.