PwC NIS - Penetration Testing Lead in Tampa, Florida
Specialty/Competency: IFS – Information Technology (IT)
Industry/Sector: Not Applicable
Time Type: Full time
Government Clearance Required: No
Available for Work Sponsorship: No
Travel Requirements: Up to 20%
A career in Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You’ll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firms intellectual assets.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Senior Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
Encourage everyone to have a voice and invite opinion from all, including quieter members of the team.
Deal effectively with ambiguous and unstructured problems and situations.
Initiate open and candid coaching conversations at all levels.
Move easily between big picture thinking and managing relevant detail.
Anticipate stakeholder needs, and develop and discuss potential solutions, even before the stakeholder realises they are required.
Contribute technical knowledge in area of specialism.
Contribute to an environment where people and technology thrive together to accomplish more than they could apart.
Navigate the complexities of cross-border and/or diverse teams and engagements.
Initiate and lead open conversations with teams, clients and stakeholders to build trust.
Uphold the firm's code of ethics and business conduct.
Job Requirements and Preferences :
Basic Qualifications :
Minimum Degree Required :
High School Diploma
Minimum Years of Experience :
Preferred Qualifications :
Degree Preferred :
Certification(s) Preferred :
GPEN, GWAPT, GMOB, OSCP, CISSP
Preferred Knowledge/Skills :
Demonstrates intimate abilities and/or a proven record of success in the following areas:
Understanding of security environment across multiple disciplines for applications;
Developing an execution strategy to protect the IT assets of the firm from external threats;
Utilizing hands on experience in the Web, APIs, Mobile, Thick Client and database penetration testing;
Understanding of products and service offerings in the application development area that analyze potential security weaknesses or vulnerabilities in application code;
Writing, communicating, facilitating, and presenting technical and financial data to and/or for all levels of industry audiences, internal staff and management;
Understanding of vulnerabilities and sources of threats, results of risk assessments, and current security state to translate these into complete threat and vulnerability management solutions; and,
Leading, developing and maintaining processes to enhance organizational effectiveness.
Demonstrates intimate abilities and/or a proven record of success contributing to new intellectual capital through deep knowledge in all areas related to Application Security including:
Leading Application Security Services and providing direction to direct and lead virtual teams;
Developing and strengthening relationships outside the functional team, focusing on understanding the needs of those who depend on the team’s services and those who deliver services on which the team depends;
Understanding in engagement management and reporting including project planning, budgeting and tracking engagement progress;
Managing Security Testing;
Testing applications for security vulnerabilities and policy compliance;
Documenting issues with corresponding evidence;
Assessing risk of identified issues according to PwC risk rating methodology;
Providing security guidance on remediation of issues;
Validating remediated issues;
Driving Program Management;
Assisting with continued process improvement activities;
Assisting in keeping security test cases up-to-date;
Security testing product evaluations as needed
Showcasing analytical skills;
Exhibiting an eye for detail;
Implementing time management and prioritization skills; and,
Demonstrating experience in application security, vulnerability assessment or penetration testing.
For positions in Colorado, visit the following link for information related to Colorado's Equal Pay for Equal Work Act: https://pwc.to/coloradoifsseniormanager .
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.