Overview
About PwCWe’re one of the world’s leading professional services organisations.
From 158 countries, we help our clients, some of the most successful organisations on the globe, as well as its most dynamic entrepreneurs and thriving private businesses, to create the value they want.
We help to measure, protect and enhance the things that matter most to them.
Ethical HackingIn Cyber Security we deal with some of the most urgent issues facing businesses and governments today.
We help organisations from all sectors operate securely in the digital world and play an integral role in helping our clients ensure they’re protected.
PwC’s UK based ethical hacking team is the global Centre of Excellence for Ethical Hacking at PwC.
Our vision is to become the premier global Ethical Hacking team the first point of call for FTSE 100 and Fortune 500 clients looking for a true partner.
As a senior manager in this high performing team, you will have responsibility for assisting clients in testing the effectiveness of security controls in both the technology and human process spaces.
No technology based solution can completely prevent human error we work closely with our clients to become their trusted advisors offering far more than commodity penetration testing.
Using blended teams of experts from across our Threat Intelligence, Incident Response and Ethical Hacking teams, we provide customised solutions that meet the business objectives of our clients.
PwC UK provides real world attack simulation services to clients across the globe from our base in the UK and as a senior manager in this team a significant part of the role will involve overseeing and delivering red teams.
The team is made up of specialists from many backgrounds from red teaming, software development, computer networking, systems administration, hardware testing, reverse engineering, as well as those that have spent their entire careers working in the cyber security industry.
Our strength lies in our continuing expansion of our capabilities, our flexibility, our curiosity and our investment in training and research to ensure we develop our people to become world class experts in their chosen specialisms.
The RoleAs an Ethical Hacking Senior Manager you will be working in line with CREST or CHECK industry standards in order to support our clients businesses.
Ideally a current or previously qualified CREST Certified Tester with experience scoping and delivering security assessments including red teams, network infrastructure and applications.
A confident and experienced consultant able to work directly with clients with strong credibility amongst peers possibly through public speaking or vulnerability disclosures.
PwC provides staff with training and revision time to facilitate professional development and progress through industry exams.
Our people are, where possible, encouraged to undertake a UK government security clearance as part of this role.
As an Ethical Hacking Senior Manager you will have the opportunity to
Manage a number of complex client engagements requiring the use of ethical hacking tools and techniques to expose vulnerabilities in client IT systems by legally breaking into computer systems, websites, mobile applications, wireless platforms, Operational Technology OT and Internet of Things IoT environments
Manage and mentor junior staff and managers through sharing of professional and technical skills and experience
Maintain and develop relationships with a portfolio of iconic clients, understanding their needs, producing proposals to address them and providing risk based recommendations on security matters
Conduct and manage a variety of concurrent testing including
red teaming, infrastructure testing, both internal and external
application testing of both web and proprietary applications and protocols
mobile systems testing including RF and WiFi solutions
Research a variety of topics including
advanced evasion techniques for enhancing our red team capabilities, embedded devices such as IIoT/IoT
Scada/ICS, automotive
cryptography techniques and implementations
novel techniques and capabilities
Work with clients to review and enhance the security of key platforms such as Azure AD, Office 365 and a variety of supporting cloud platforms including IaaS and SaaS
Write risk based reports and attend customer delivery meetings
Act as a technical SME for collaborative project with other business teams such as Incident Response, Threat Intelligence, Crisis Response and Cyber Security Advisory
You can also expect to perform the following business development activitiesMeet with clients to understand their needs and help produce proposalsDevelop toolkits and methodologies to enhance our sales and delivery capabilityContribute to research, public blogs and whitepapers to improve our public profileAttend and speak at conferences within the Information Security communityCollaborate to develop new and innovative security services for our clientsDevelop new and innovative security services for our clientsWork with our outreach teams to support schools, colleges and universities in showing the next generation the opportunities available in the cyber industry.
Skills and experienceSignificant practical experience delivering a range of ethical hacking services to customers
Expert user of both Windows and Linux operating systems
Highly experienced in using commercial security testing tools and strong track record of interpreting and triaging results and producing management reports
Good working knowledge of Azure AD, Office 365 and common cloud hosting platforms.
Extensive knowledge of security testing requirements and techniques, demonstrated by Cyber Security Industry qualifications such as CREST SAS, SAM, CCT or OSCE
While not prerequisites, the following will be advantageous
Exposure to database technologies, multitier, web based and cloud based IT architectures
Knowledge of security technologies e.
g.
AV, SIEM, IDM, IPS, F/W, SSO, DLPDegree in computer science, cyber or STEM subjects or demonstrate professional development, industry qualification and practical experience
Experience of assessing native mobile applications under both iOS and Android
Experience of reverse engineering binary applications and network protocols
Experience of performing securityfocused source code reviews of largescale applications
Background in software development and application testing.
Experience of internal or external consulting or audit engagements
Excellent business communication skills, including writing proposals, initiating client engagements, leading workshops, writing reports, and delivering presentations to clients
Who we’re looking forWe are looking for individuals that thrive in a high tech, entrepreneurial environment such that they are comfortable working independently with little supervision and have a strong desire to learn and a willingness to share knowledge.
We are looking for individuals who thrive i
Information Technology
Finding a job in the UK is very easy now. You can see all job postings on this site. Please give us your e-mail address to see the type of posting or position you are looking for.