IN_Senior Associate_ VAPT _S&G_ Advisory _Chennai

2 Months ago • 5 Years + • Cyber Security

About the job

Summary

Senior Associate VAPT role at PwC, Chennai, focusing on security testing, red teaming, and adversary simulations. Must have 5+ years of experience, strong technical skills in penetration testing tools, security frameworks, and scripting languages. Prior Big 4 experience and relevant certifications are preferred.
Must have:
  • Penetration Testing
  • Security Frameworks
  • Scripting Languages
  • Big 4 Experience
Good to have:
  • Red Teaming
  • Adversary Simulation
  • Relevant Certifications
  • IT Risk Advisory
Perks:
  • PwC Benefits
  • Growth Opportunities
Not hearing back from companies?
Unlock the secrets to a successful job application and accelerate your journey to your next opportunity.

Line of Service

Advisory

Industry/Sector

FS X-Sector

Specialism

Risk

Management Level

Senior Associate

Job Description & Summary

A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.

*Why PWC
At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.
At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Responsibilities:

Preferred Knowledge/Skills:   

  

Demonstrates thorough knowledge and/or a proven record of success in the following areas:   

Technical concepts such as application security, network segregation, access controls, IDS/IPS devices, physical security, and information security risk management;   

Security testing tools, such as BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect, or other tools included within the Kali Linux distribution;   

Networking protocols, TCP/IP stack, systems architecture, and operating systems;   

Common programming and scripting languages, such as Python, PowerShell, Ruby, Perl, Bash, JavaScript, or VBScript;   

Well-known Cybersecurity frameworks and industry-leading practices such as OWASP, NIST CSF, PCI DSS, and NY-DFS; and,   

Traditional security operations, event monitoring, and Security Information and Event Management (SIEM) tools.  

   

Demonstrates thorough abilities and/or a proven record of success in the following areas:   

Performing penetration testing activities within a client’s environment, emphasizing manual stealthy testing techniques;   

Executing stealthy penetration testing, advanced red team, or adversary simulation engagements using commercially / freely available offensive security tools and utilities built into operating systems;   

Understanding Windows and Linux operating system setup, management, and power usage, e.g., cmd, bash, network troubleshooting, virtual machines; .   

Identifying security critical vulnerabilities without utilizing a vulnerability scanning tool, i.e., knowledge of exploitable vulnerabilities and ability to execute stealthy penetration testing engagements;   

Compromising Active Directory environments and demonstrating business impact by identifying and obtaining access to business critical assets/information;   

Performing social engineering / phishing activities such as reconnaissance of targets, developing phishing campaigns (e.g., emails and websites), web hosting administrator, developing malicious phishing payloads, or pivoting through phished systems;   

Participating actively in client discussions and meetings and communicating a broad range of potential add-on services based on identified weaknesses;   

Managing engagements with junior staff;   

Preparing concise and accurate documents, leveraging and utilizing MS Office and Google Docs to complete related project deliverables, as necessary;   

Balancing project economics management with the occurrence of unanticipated issues.  

Creating a positive environment by monitoring workloads of the team while meeting client expectations and respecting the work-life quality of team members;   

Proactively seeking guidance, clarification, and feedback; and,   

Keeping leadership informed of progress and issues.  

Education:

Minimum Qualification: BE/ BTech/MBA/Mtech/MCA (Non Mechanical)

Postgraduates in any stream would be preferred (not mandatory)

Prior Big 4 experience would be an added advantage

Experience in IT Risk Advisory/ Assurance for varied industry segments preferred

Excellent communication skills - both written and oral

Certifications:

CIA/CISA/CISM will be added advantage

Mandatory skill sets

"vapt" and ("oscp" or "EJPT" or "OSWE" or "CPENT" or "GPEN" or "GWAPT" or "OSCE") and security and "Penetration Testing" and mobile

Preferred skill sets:

 ISO

Years of experience required:

5+ Years

Education qualification:

BE, B.tech, ME, M.tech, MCA, (non mechanical)

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of Engineering, Master of Engineering

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

SIEM Tools, SoCs

Optional Skills

Cybersecurity, Ethical Hacking

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date

View Full Job Description

About The Company

At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 152 countries with over 327,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at www.pwc.com. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity.


Content on this page has been prepared for general information only and is not intended to be relied upon as accounting, tax or professional advice. Please reach out to your advisors for specific advice.

View All Jobs

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug