PricewaterhouseCoopers Jobs

Job Information

PwC Cyber Penetration Testing Team (CPT²) Associate in San Antonio, Texas

Line of Service: Advisory

Specialty/Competency: Cybersecurity & Privacy

Industry/Sector: Not Applicable

Time Type: Full time

Government Clearance Required: No

Available for Work Sponsorship: Yes

Travel Requirements: Up to 20%

A career in our Cybersecurity, Privacy, & Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy, and Forensics professionals at PwC, but at our clients and industry analysts across the globe. Our Advisory Acceleration Center is the natural extension of PwC’s leading class global delivery capabilities. We provide premium, cost effective, high quality services that support process quality and delivery capability in support for client engagements.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As an Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

  • Invite and provide evidence-based feedback in a timely and constructive manner.

  • Share and collaborate effectively with others.

  • Work with existing processes/systems whilst making constructive suggestions for improvements.

  • Validate data and analysis for accuracy and relevance.

  • Follow risk management and compliance procedures.

  • Keep up-to-date with technical developments for business area.

  • Communicate confidently in a clear, concise and articulate manner - verbally and in written form.

  • Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.

  • Uphold the firm's code of ethics and business conduct

Job Requirements and Preferences :

Basic Qualifications :

Minimum Degree Required :

Bachelor Degree

Minimum Years of Experience :

3 year(s)

Preferred Qualifications :

Preferred Fields of Study :

Information CyberSecurity, Computer and Information Science, Information Technology, Computer Engineering, Computer Applications

Certification(s) Preferred :

Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), GIAC Penetration Tester (GPEN), Certified as GIAC Web Application Penetration Tester (GWAPT), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)

Preferred Knowledge/Skills :

Demonstrates some abilities and/or a proven record of success in the following areas:

  • Technical concepts such as application security, network segregation, access controls, IDS/IPS devices, physical security, and information security risk management;

  • Security testing tools, such as BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect, or other tools included within the Kali Linux distribution;

  • Networking protocols, TCP/IP stack, systems architecture, and operating systems;

  • Common programming and scripting languages, such as Python, PowerShell, Ruby, Perl, Bash, JavaScript, or VBScript;

  • Cybersecurity frameworks and industry-leading practices such as OWASP, NIST CSF, PCI DSS, and NY-DFS; and,

  • Traditional security operations, event monitoring, and Security Information and Event Management (SIEM) tools.

Demonstrates some abilities and/or a proven record of success in the following areas:

  • Performing penetration testing activities within a client’s environment, emphasizing manual stealthy testing techniques;

  • Executing stealthy penetration testing, advanced red team, or adversary simulation engagements using commercially/freely available offensive security tools and utilities built into operating systems;

  • Understanding Windows and Linux operating system setup, management, and power usage, e.g., cmd, bash, network troubleshooting, virtual machines;

  • Identifying security critical vulnerabilities without utilizing a vulnerability scanning tool, i.e., knowledge of exploitable vulnerabilities and ability to execute stealthy penetration testing engagements;

  • Compromising Active Directory environments and demonstrating business impact by identifying and obtaining access to business critical assets/information;

  • Performing social engineering / phishing activities such as reconnaissance of targets, developing phishing campaigns (e.g., emails and websites), developing malicious phishing payloads, or pivoting through phished systems;

  • Performing various workstreams for client engagements that emphasize identifying and addressing client needs;

  • Participating actively in client discussions and meetings; and,

  • Preparing concise and accurate documents, leveraging and utilizing MS Office and Google Docs to complete related project deliverables, as necessary.

All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.

DirectEmployers