Line of Service
Advisory
Industry/Sector
Technology
Specialism
Advisory - Other
Management Level
Manager
Job Description & Summary
In Cyber Security we deal with some of the most urgent issues facing
businesses and governments today. We help organisations from all sectors
operate securely in the digital world and play an integral role in helping our
clients ensure they're protected.
PwC's UK based ethical hacking team is the global Centre of Excellence for
Ethical Hacking at PwC. Our vision is to become the premier global Ethical
Hacking team - the first point of call for FTSE 100 and Fortune 500 clients
looking for a true partner. As a manager in this high performing team, you
will have responsibility for assisting clients in testing the effectiveness of
security controls in both the technology and human process spaces. No
technology based solution can completely prevent human error - we work closely
with our clients to become their trusted advisors offering far more than
commodity penetration testing.
Using blended teams of experts from across our Threat Intelligence, Incident
Response and Ethical Hacking teams, we provide customised solutions that meet
the business objectives of our clients. PwC UK provides real world attack
simulation services to clients across the globe from our base in the UK and as
a manager in this team a significant part of the role will be supporting and
managing red teams.
The team is made up of specialists from many backgrounds - from red teaming,
software development, computer networking, systems administration, hardware
testing, reverse engineering, as well as those that have spent their entire
careers working in the cyber security industry. Our strength lies in our
continuing expansion of our capabilities, our flexibility, our curiosity and
our investment in training and research to ensure we develop our people to
become world class experts in their chosen specialisms.
The Role
As a Red Team Manager you will be working in line with CRESTand other relevant
industry standards in order to deliver attack simulation services at the
highest levels into our clients. Our clients are some of the largest global
organisations and come from all sectors including a significant proportion
from our traditional background in the financial services sector. All share a
key objective and want to understand the risks they face from real world
threats so we package up individual work programs to meet their needs. We
increasingly see questions coming from company boards and risk committees
asking the questions that only an effective adversary simulation exercise can
answer.
The candidates we are looking for are ideally a current or previously
qualified CREST Certified Simulated Attack Specialist (CCSAS) or Certified
Simulated Attack Manager (CCSAM). Candidates should have experience scoping
and delivering high level red teams but also with good experience testing
network infrastructure and applications as these skills are essential when
performing lateral movement and gaining access to target platforms. Much of
our work involves targets with capable monitoring and incident response teams
and modern EDR platforms so experience bypassing common products and
demonstrating strong operational security awareness is important.
You must be a confident and experienced consultant able to work directly with
clients with strong credibility amongst peers - possibly through public
speaking or vulnerability disclosures.
PwC provides staff with training and revision time to facilitate professional
development and progress through industry exams. Our people are, where
possible, encouraged to undertake a UK government security clearance as part
of this role.
As a Red Team Manager you will have the opportunity to:
* Deliver and manage relatively complex client engagements requiring the use of offensive security tools and techniques to to identify weaknesses in client IT environments by legally breaking into computer systems, websites, mobile applications and wireless platforms as part of real world simulated attack scenarios;
* Research a variety of topics including: advanced evasion techniques for enhancing our red team capabilities and other novel techniques and capabilities;
* Contribute to the creation of new private and public tooling to enhance deliver capabilities;
* Work with a world leading Threat Intelligence team to deliver full package solutions to clients looking to answer both the "who" and the "how" questions for possible attacks;
* Work closely with a dedicated development team to research and weaponise new vulnerabilities and techniques for bypassing endpoint security solutions;
* Manage and mentor junior staff through sharing of professional and technical skills and experience;
* Maintain and develop relationships with iconic clients, understanding their needs, producing proposals to address them and providing risk based recommendations on security matters;
* Conduct and manage a variety of testing including: red teaming, infrastructure testing, both internal and external; application testing of both web and proprietary applications and protocols; mobile systems testing including RF and WiFi solutions;
* Research a variety of topics including: advanced evasion techniques for enhancing our red team capabilities, embedded devices such as IIoT/IoT; Scada/ICS, automotive; cryptography techniques and implementations; novel techniques and capabilities;
* Work with clients to review and enhance the security of key platforms such as Azure AD, Office 365 and a variety of supporting cloud platforms including IaaS and SaaS.
* Write risk based reports and attend customer delivery meetings;
* Act as a technical SME for collaborative projects with other business teams such as Incident Response, Threat Intelligence, Crisis Response and Cyber Security Advisory;
* You can also expect to perform the following business development activities
* Meet with clients to understand their needs and help produce proposals
* Develop toolkits and methodologies to enhance our sales and delivery capability
* Contribute to research, public blogs and whitepapers to improve our public profile
* Attend and speak at conferences within the Information Security community
* Collaborate to develop new and innovative security services for our clients
* Develop new and innovative security services for our clients
* Work with our outreach teams to support schools, colleges and universities in showing the next generation the opportunities available in the cyber industry.
Skills and experience
* Significant practical experience delivering a range of ethical hacking services to customers;
* Expert user of both Windows and Linux operating systems.
* Highly experienced in using commercial security testing tools and strong track record of interpreting and triaging results, and producing management reports.
* Good working knowledge of Azure AD, Office 365 and common cloud hosting platforms.
* Extensive knowledge of security testing requirements and techniques, demonstrated by Cyber Security Industry qualifications such as CREST SAS, SAM, CCT or OSCE;
* While not prerequisites, the following will be advantageous:
* Exposure to database technologies, multi-tier, web based and cloud based IT architectures;
* Knowledge of security technologies (e.g. AV, SIEM, IDM, IPS, F/W, SSO, DLP)
* Degree in computer science, cyber or STEM subjects or demonstrate professional development, industry qualification and practical experience;
* Experience of assessing native mobile applications under both iOS and Android;
* Experience of reverse engineering binary applications and network protocols;
* Experience of performing security-focused source code reviews of large-scale applications;
* Background in software development and application testing;
* Experience of internal or external consulting or audit engagements;
* Excellent business communication skills, including writing proposals, initiating client engagements, leading workshops, writing reports, and delivering presentations to clients;
Who we 're looking for
We are looking for individuals that thrive in a high tech, entrepreneurial
environment such that they are comfortable working independently with little
supervision and have a strong desire to learn and a willingness to share
knowledge. We are looking for individuals who thrive in a team environment and
who understand that we are far more than the sum of our parts when working
collaboratively both with colleagues and also with clients and third parties.
People that succeed in our business have a passion for cyber security, are
naturally inquisitive and get a buzz from solving complex problems.
Furthermore, they have a good attention to detail allied with exceptional
analytical and technical aptitude. Most of all, they are or have a desire to
be excellent communicators as we are in a business founded on strong
relationships.
About PwC
We're one of the world's leading professional services organisations. From 158
countries, we help our clients, some of the most successful organisations on
the globe, as well as its most dynamic entrepreneurs and thriving private
businesses, to create the value they want. We help to measure, protect and
enhance the things that matter most to them.
The skills we look for in future employees
All our people need to demonstrate the skills and behaviours that support us
in delivering our business strategy. This is important to the work we do for
our business, and our clients. These skills and behaviours make up our global
leadership framework, 'The PwC Professional' and are made up of five core
attributes; whole leadership, technical capabilities, business acumen, global
acumen and relationships.
Learn more here www.pwc.co.uk/ethicalhacking
* PwC pays a financial incentive for those qualified with these and other certifications
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Desired Languages (If blank, desired languages not specified)
Travel Requirements
Not Specified
Available for Work Visa Sponsorship?
Yes
Government Clearance Required?
No
Job Posting End Date*
### **Description** At PwC, we measure success by our ability to create the value that our clients and our people are looking for. Our reputation lies in building lasting relationships with our clients and a focus on delivering value in all we do. We 're a network of firms in 158 countries with mor…
**Line of Service** Advisory **Industry/Sector** Technology **Specialism** Advisory - Other **Management Level** Manager **Job Description & Summary ** A career in our Cyber Crime and Breach Response practice, within Cybersecurity and Privacy services, will provide you with the opportunity to help …
**Line of Service** Advisory **Industry/Sector** Technology **Specialism** Advisory - Other **Management Level** Senior Manager **Job Description & Summary ** In Cyber Security we deal with some of the most urgent issues facing businesses and governments today. We help organisations from all sector…
**Line of Service** Advisory **Industry/Sector** Technology **Specialism** Advisory - Other **Management Level** Senior Manager **Job Description & Summary ** About PwC ETIC - Egypt Technology and Innovation Centre PwC is opening a new Technology & Innovation Center in Cairo that will deliv…
**Line of Service** Advisory **Industry/Sector** Technology **Specialism** Advisory - Other **Management Level** Associate **Job Description & Summary ** A career in our Advanced Analytics practice, within Risk Assurance Compliance and Analytics services, will provide you with the opportunity to as…
**Line of Service** Advisory **Industry/Sector** Technology **Specialism** Advisory - Other **Management Level** Senior Associate **Job Description & Summary ** About PwC ETIC - Egypt Technology and Innovation Centre PwC is opening a new Technology & Innovation Center in Cairo that will del…
**Line of Service** Advisory **Industry/Sector** Technology **Specialism** Advisory - Other **Management Level** Senior Manager **Job Description & Summary ** About PwC ETIC - Egypt Technology and Innovation Centre PwC is opening a new Technology & Innovation Center in Cairo that will deliv…
**Line of Service** Advisory **Industry/Sector** Technology **Specialism** Advisory - Other **Management Level** Manager **Job Description & Summary ** **About the role** As a Manager you should have strong business, technical, analytical and commercial skills and be able to apply your knowledge to…
### **Description** At PwC, we measure success by our ability to create the value that our clients and our people are looking for. Our reputation lies in building lasting relationships with our clients and a focus on delivering value in all we do. We 're a network of firms in 158 countries with mor…
**Line of Service** Advisory **Industry/Sector** Technology **Specialism** Advisory - Other **Management Level** Manager **Job Description & Summary ** **About the role** PwC is opening a new Technology & Innovation Center in Cairo that will deliver high quality technology solutions to consulting C…