IN_Manager_ VAPT _S&G_ Advisory _Chennai
PWC
5 - 10 years
Chennai
Posted: 25/01/2025
Job Description
Line of Service
AdvisoryIndustry/Sector
FS X-SectorSpecialism
RiskManagement Level
ManagerJob Description & Summary
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.
- Job Description & Summary: In-depth knowledge of application development processes and at least one programming and one scripting language (e.g., Java, Scala, C#, JavaScript, Angular, ReactJs, Ruby, Perl, Python, Shell).
- Knowledge on OS security (Windows, Unix/Linux systems, Mac OS, VMware), network security and cloud security.
Responsibilities:
Preferred Knowledge/Skills:
Requirement Criteria:
- Graduation in EC or CS or IT or Information Security or Cyber Security or MCA.
- Working experience as a Penetration Testing Expert for 5 year(s)
- Hands on experience with security testing frameworks such as the PTES, OWASP, OSSTMM, SANS.
- In-depth knowledge of application development processes and at least one programming and one scripting language (e.g., Java, Scala, C#, JavaScript, Angular, ReactJs, Ruby, Perl, Python, Shell).
- Knowledge on OS security (Windows, Unix/Linux systems, Mac OS, VMware), network security and cloud security.
- Hands on experience in BurpSuite, Nessus, Checkmarx, Acunetix and Kali Linux penetration testing tools etc.
- Knowledge on Threat Modelling, Source Code Reviews, Secure Architecture Reviews
- One of the certifications – OSWE/OSCP/OSCE/eJPT/CPENT- ECCouncil /LPT(Licensed Penetration Tester-ECCouncil)/GPEN(GIAC Penetration Tester)/ GWAPT(GIAC Web Application Penetration Tester) is mandatory (preferably OSCP)
High Level Responsibilities:
- Security testing of mobile applications, web applications, APIs etc.
- Perform SAST, DAST & VAPT with new standards from time to time. Review sufficient security controls are in place as per, but not limited to, client's policy, industry best practice/process and regulatory requirements.
- Identify the Individual Application security risk portfolio / threats. Gaps identified along with recommendations to be submitted in Customized reports as requested by client.
- Review of API/middleware/SFTP etc. interfaces between applications.
- Develop/Review Baseline document for OS/Application Security/ API.
- Review the security architecture of various applications deployed/to be deployed (including cloud based) and assess risk associated and suggest mitigation & resolution.
- Evaluation/Security Assessment of open-source applications.
- Vetting of Network and data flow Diagrams, with respect to security aspect, for new applications, in co-ordination with the vendors and clients.
- Review application architecture, data flow diagram, network diagram, database configuration, crypto standards.
- Perform Application threat modeling.
- Gap assessment of the Cloud applications, solutions, platforms, process to fill the gaps.
Education:
- Minimum Qualification: BE/ BTech/MBA/Mtech/MCA (Non Mechanical)
- Postgraduates in any stream would be preferred (not mandatory)
Mandatory skill sets:
"vapt" and ("oscp" or "EJPT" or "OSWE" or "CPENT" or "GPEN" or "GWAPT" or "OSCE") and security and "Penetration Testing" and mobile
Preferred skill sets:
ISO
Years of experience required:
5+ Years
Education qualification:
BE, B.tech, ME, M.tech, MCA, (non mechanical)
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required: Bachelor of Engineering, Master of EngineeringDegrees/Field of Study preferred:Certifications (if blank, certifications not specified)
Required Skills
Captcha, WAPT ProOptional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Professional Courage {+ 13 more}Desired Languages (If blank, desired languages not specified)
Travel Requirements
Available for Work Visa Sponsorship?
Government Clearance Required?
Job Posting End Date
About Company
PricewaterhouseCoopers (PwC) is a global professional services firm providing audit, tax, and consulting services. PwC helps organizations manage financial risks, comply with regulations, and improve performance through its expertise in industries like finance, healthcare, and technology.
Services you might be interested in
One-Shot Campaign
Reach out to ideal employees in one shot!
The intelligent campaign for reaching out to the ideal audience to whom you can ask for help (guidance or referral).