Cyber Penetration Tester
  • South Africa Johannesburg
  • PwC Careers Africa
1 year before
31.12.2023
Protect and Defend
Cyber Defense Analysis
Job Description

Line of Service
Assurance

Industry/Sector
Not Applicable

Specialism
Conduct and Compliance

Management Level
Senior Associate

Job Description & Summary
A career in our Oracle Risk Assurance practice, within Information Technology Risk Assurance will allow you to develop and apply strategies that help clients leverage enterprise technologies so they can get a higher return on their investment, mitigate risks, streamline processes, and find operational inefficiencies. The work revolves around creative problem solving and applying innovative technologies to enable strategies that increase the value of the applications that run our client’s business, mitigate risk and find operational inefficiencies.

Our focus is on creating effective and efficient design for the most important business, security and compliance processes for our clients. We touch on aspects of application security, areas prone to fraud and financial misstatement, and streamline processes that are part of our client’s core business so they can get a higher return on this key investment. Using innovative, and proprietary technologies, we help to bridge the gap between business stakeholders, compliance functions and Information Technology teams to assist in understanding how to embrace new ways of working, while limiting their financial and operational risk profile. We use knowledge of financial system design, risk mitigation, business process design, data integrity, security and use of data analytics.


To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

Use feedback and reflection to develop self awareness, personal strengths and address development areas.
Delegate to others to provide stretch opportunities, coaching them to deliver results.
Demonstrate critical thinking and the ability to bring order to unstructured problems.
Use a broad range of tools and techniques to extract insights from current industry or sector trends.
Review your work and that of others for quality, accuracy and relevance.
Know how and when to use tools available for a given situation and can explain the reasons for this choice.
Seek and embrace opportunities which give exposure to different situations, environments and perspectives.
Use straightforward communication, in a structured way, when influencing and connecting with others.
Able to read situations and modify behavior to build quality relationships.
Uphold the firm's code of ethics and business conduct.


• Relevant Certification
• Degree would be an advantage.
• Specific focus on information security-related subjects / disciplines would be an advantage.
• Accreditation
• CEH - Certified Ethical Hacker
• OSCP - Offensive Security Certified Professional
• Security +
• CISSP (advantageous)
• CISM (advantageous)
• ISO 27001 (advantageous)
• CISA (advantageous

• 2 - 3 years relevant project and consulting experience

Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements
Up to 20%

Available for Work Visa Sponsorship?
No

Government Clearance Required?
Yes

Job Posting End Date
May 30, 2023


Quick response

Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0007   Knowledge of authentication, authorization, and access control methods.
  • K0013   Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
  • K0111   Knowledge of network tools (e.g., ping, traceroute, nslookup)
  • K0290   Knowledge of systems security testing and evaluation methods.
  • K0301   Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
  • K0318   Knowledge of operating system command-line tools.
  • K0324   Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
  • K0339   Knowledge of how to use network analysis tools to identify vulnerabilities.
  • K0342   Knowledge of penetration testing principles, tools, and techniques.
  • K0624   Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)

Required Skills
  • S0036   Skill in evaluating the adequacy of security designs.
  • S0078   Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
  • S0147   Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
  • S0167   Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).

Required Abilities
  • A0015  Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
  • A0159  Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).