Ethical Hacking Red Team - Manager

PwC

London, United Kingdom

Other

Yes

16e31541b8a8

9

26.04.2025

10.06.2025

The Role

As a Red Team Manager, you will work in line with CREST and other relevant industry standards to deliver attack simulation services at the highest levels to our clients. Our clients include some of the largest global organizations across various sectors, including a significant proportion from the financial services sector. They seek to understand the risks they face from real-world threats, and we tailor work programs to meet their specific needs. Increasingly, questions from company boards and risk committees highlight the importance of effective adversary simulation exercises.

Roles and Responsibilities

• Deliver and manage complex client engagements using offensive security tools and techniques to identify vulnerabilities in IT environments through simulated attack scenarios, including breaking into computer systems, websites, mobile applications, and wireless platforms;
• Research topics such as advanced evasion techniques and develop new capabilities to enhance red team operations;
• Create private and public tooling to improve service delivery;
• Collaborate with Threat Intelligence teams to provide comprehensive solutions addressing the 'who' and 'how' of potential attacks;
• Work with development teams to research and develop methods for bypassing endpoint security solutions;
• Mentor junior staff by sharing technical and professional expertise;
• Maintain relationships with key clients, understand their needs, and produce security proposals and risk-based recommendations;
• Conduct various testing activities including red teaming, infrastructure testing, application testing (web and proprietary), and mobile system testing (RF and WiFi);
• Research emerging topics such as embedded device security, IIoT/IoT, SCADA/ICS, automotive security, cryptography, and novel attack techniques;
• Assist clients in reviewing and enhancing security for platforms like Azure AD, Office, and other cloud services.

This role is for you if:

• You have significant practical experience delivering ethical hacking services;
• You are an expert in Windows and Linux operating systems;
• You are experienced with commercial security testing tools, interpreting results, and producing management reports;
• You possess good knowledge of Azure AD, Office, and cloud hosting platforms;
• You hold cybersecurity qualifications such as CREST SAS, SAM, CCT, or OSCE;
• You have excellent communication skills, capable of writing proposals, leading workshops, and delivering presentations.