Associate Penetration Tester-CPT 2 [ US Client ]

Those in penetration testing at PwC will focus on penetration testing (or pen testing) which is a security exercise where a cybersecurity consultant attempts to find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to identify any weak spots in a system's defences which attackers could take advantage of.

Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Apply a learning mindset and take ownership for your own development.
• Appreciate diverse perspectives, needs, and feelings of others.
• Adopt habits to sustain high performance and develop your potential.
• Actively listen, ask questions to check understanding, and clearly express ideas.
• Seek, reflect, act on, and give feedback.
• Gather information from a range of sources to analyse facts and discern patterns.
• Commit to understanding how the business works and building commercial awareness.
• Learn and apply professional and technical standards, uphold the Firm's code of conduct and independence requirements.

Education:

• Bachelor's or Master's degree (completed or in progress) in Computer Science, Communications, or related fields from reputed Indian universities.

Certifications (Preferred):

• Offensive Security Certified Professional (OSCP)
• GIAC Penetration Tester (GPEN)
• GIAC Web Application Penetration Tester (GWAPT)

Experience Required:

• 1–3 years in Web and Mobile Application Security Assessment
• Familiarity with OWASP, OSSTMM, NIST CSF guidelines
• Hands-on experience with tools like Burp Suite, Metasploit, Nessus, Kali Linux, etc.
• Proficiency in scripting/programming languages (Python, PowerShell, Bash, JavaScript, etc.)
• Strong understanding of modern application architectures, networking protocols, and operating systems
• Knowledge of cloud security best practices

Additional Qualifications (Nice to Have):

• Experience presenting at security conferences/events
• Ability to develop and implement automation solutions aligned with client threat posture

Soft Skills & Communication:

• Excellent verbal and written communication skills
• Strong executive presence and stakeholder engagement capabilities
• Proven problem-solving, analytical, and project management skills
• Ability to interpret security scenarios and document findings clearly
• Experience in client-facing roles, identifying opportunities for additional services
• Ability to align security strategies with evolving digital and threat landscapes

• Understand the importance of having correct information management
• Knowledge of Information Security and Data Protection
• Correct Information Security Management

All qualified applicants will receive consideration for employment at PwC without regard to ethnicity; creed; color; religion; national origin; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; marital; or any other status protected by law. PwC is proud to be an inclusive organization and equal opportunity employer.

Travel Requirements: Not Specified