Senior Associate –Security testing_ VAPT – Advisory – Mumbai

Line of Service

Advisory

Industry/Sector

FS X-Sector

Specialism

Risk

Management Level

Senior Associate

Job Description & Summary

A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.

*Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Responsibilities: Key Responsibilities:

 Good interpersonal skills (written and oral communication)
and ability to articulate complex issues 
 Ability to communicate technical
 information clearly and concisely, commensurate with the
audience 
 Conceptual thinking and communication skills — the ability
to conceptualize complex business and technical
requirements into comprehensible models and templates. 
 Good communicator (written and verbal) and listener. 
 Must be a team player and motivated self-starter with ability
to work independently with limited supervision. 
 Must be assertive, methodical and detail oriented 
 
Technical Experience:
 Experience in Web and Mobile Application Security Testing,
Vulnerability Assessment and Penetration testing 
 Analyze scan reports and suggest remediation / mitigation
plan for security vulnerabilities 
 Should be aware of tools like Qualys, HP Fortify, IBM
Appscan, Burpsuite, Kali Linux suite of tools 
 Expertise in mobile apps reverse engineering and in-depth
knowledge of Android and iOS ecosystems. Knowledge of
industry standard tools for mobile pentest. 
 Thorough understanding of OWASP Top 10 vulnerabilities
and their mitigations. Knowledge of Network Security
technology in areas of Firewall, IPS, VPN, Gateway security
solutions (proxy, web filtering) 
 Conduct penetration test and launch exploits using Nessus,
Metaspoilt, kali linux penetration testing distribution tools
sets 
 Conduct Vulnerability Assessments of Network Devices
using various open source and commercial tools 
 Map out a network, discover ports and services running on
the different exposed network and security devices 
 Research and maintain proficiency in computer network
exploitation, tools, techniques, countermeasures, and trends
in computer network vulnerabilities, data hiding, network
security, and encryption. 
 In-depth understanding on Common Vulnerability
Exposure (CVE)/ CERT advisory database. Broad
background of networks, operating systems (Window, Unix,
Linux), firewalls and security engineering concepts. 
 Knowledge of scripting languages (Perl, Python, Shell etc)
will be added advantage 
 Knowledge of Open-Source Security Testing Methodology
Manual (OSSTMM) 
 

Mandatory skill sets: CEH, ECSA, LPT (any one)

Preferred skill sets: OSCP, OSWE

Years of experience required: 2-6 Years

Education qualification: B.Tech

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of Engineering

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date