Line of Service Assurance Industry/Sector Technology Specialism Cybersecurity & Privacy Management Level Manager Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisation's security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. About the role As a Red Team Manager you will be working in line with CRESTand other relevant industry standards in order to deliver attack simulation services at the highest levels into our clients. Our clients are some of the largest global organisations and come from all sectors including a significant proportion from our traditional background in the financial services sector. All share a key objective and want to understand the risks they face from real world threats so we package up individual work programs to meet their needs. We increasingly see questions coming from company boards and risk committees asking the questions that only an effective adversary simulation exercise can answer. Roles and Responsibilities Deliver and manage relatively complex client engagements requiring the use of offensive security tools and techniques to to identify weaknesses in client IT environments by legally breaking into computer systems, websites, mobile applications and wireless platforms as part of real world simulated attack scenarios; Research a variety of topics including: advanced evasion techniques for enhancing our red team capabilities and other novel techniques and capabilities; Contribute to the creation of new private and public tooling to enhance deliver capabilities; Work with a world leading Threat Intelligence team to deliver full package solutions to clients looking to answer both the “who” and the “how” questions for possible attacks; Work closely with a dedicated development team to research and weaponise new vulnerabilities and techniques for bypassing endpoint security solutions; Manage and mentor junior staff through sharing of professional and technical skills and experience; Maintain and develop relationships with iconic clients, understanding their needs, producing proposals to address them and providing risk based recommendations on security matters; Conduct and manage a variety of testing including: red teaming, infrastructure testing, both internal and external; application testing of both web and proprietary applications and protocols; mobile systems testing including RF and WiFi solutions; Research a variety of topics including: advanced evasion techniques for enhancing our red team capabilities, embedded devices such as IIoT/IoT; Scada/ICS, automotive; cryptography techniques and implementations; novel techniques and capabilities; Work with clients to review and enhance the security of key platforms such as Azure AD, Office 365 and a variety of supporting cloud platforms including IaaS and SaaS. This role is for you if: You have significant practical experience delivering a range of ethical hacking services to customers; You are an expert user of both Windows and Linux operating systems. You are highly experienced in using commercial security testing tools and strong track record of interpreting and triaging results, and producing management reports. You have good working knowledge of Azure AD, Office 365 and common cloud hosting platforms. You have extensive knowledge of security testing requirements and techniques, demonstrated by Cyber Security Industry qualifications such as CREST SAS, SAM, CCT or OSCE; Excellent business communication skills, including writing proposals, initiating client engagements, leading workshops, writing reports, and delivering presentations to clients; Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Cloud Security, Coaching and Feedback, Communication, Conducting Research, Creativity, Cyber Defense, Cyber Threat Intelligence, Embracing Change, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Learning Agility, Malware Analysis { 21 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Up to 60% Available for Work Visa Sponsorship? No Government Clearance Required? Yes Job Posting End Date