Penetration Testing Senior Associate

Description

At A.F.Ferguson & Co, our vision is to be the first choice employer for professional staff. As a trusted business advisor, we work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool, as well as those who reflect the diverse nature of our society. And we aim to encourage a culture where people can be themselves and be valued for their strengths.

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

Those in penetration testing at PwC will focus on penetration testing (or pen testing) which is a security exercise where a cybersecurity consultant attempts to find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to identify any weak spots in a system's defences which attackers could take advantage of.

Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Degree in Cyber Security or other related disciplines e.g., Computer Science / Systems from a HEC recognized university
• Up to 3 years of relevant experience in cybersecurity, preferably in vulnerability assessment, penetration testing, or a related domain.
• Basic understanding of networking concepts, protocols, and architectures (TCP/IP, HTTP, DNS, etc.).
• Familiarity with operating systems such as Windows, Linux, and Unix.
• Exposure to common security tools such as Burp Suite, Nessus, Nmap, Metasploit, OWASP ZAP, or similar tools is preferred but not mandatory.
• Flexible in assessing different platforms such as PHP, ASP, NodeJS, and Java.
• Excellent understanding of OWASP TOP 10 and SANS TOP 20.
• Stay current on emerging technology trends and threat landscape

Additional / great to have:

• Having practical cyber security certifications such as CEH, eCCPT, eJPT eWAPT, OSCP, OSCE
• Experience of bug bounty programs, security research, red team and adversary.
• Prepare clear technical documentation and present findings/recommendations to stakeholders.
• Proven experience working in a client-facing, consulting, or project-based environment is an advantage.
• Strong analytical and problem-solving skills.

PwC A.F. Ferguson & Co. is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all.