Cybersecurity Assessment Expert at IT - Strat managing A&A of information systems for U.S. federal clients. Ensuring compliance with DOD cybersecurity policies and standards in complex IT environments.
PW
Hybrid Cybersecurity Threat & Vulnerability Manager, Cyber Security, Technology Consulting
Posted 2 months ago
About the role
- Threat and Vulnerability Manager at PwC conducting security assessments and advising on compliance standards. Leading a team to implement advanced security measures within client organizations.
Responsibilities
- Conduct security assessments, red team exercises, web application penetration testing, vulnerability assessment and secure configuration review to identify risks and recommend appropriate remediation measures
- Advising clients on relevant regulations, standards, and best practices (e.g., NIS2, ISO 27001, NIST)
- Help us grow the TVM team and service offerings
- Support the TVM team in implementing advanced red team infrastructure
- Identify and evaluate the latest technologies, tools and methods
- Keep apprised of the latest threats and new compliance relevant to the penetration testing.
Requirements
- Strong experience in offensive security
- Proven leadership in managing diverse teams
- Experience in developing payloads and obfuscating tools to evade modern day EDRs
- Significant experience in implementing red team infrastructure
- Experience in conducting regular vulnerability scans, penetration tests, secure configuration reviews of network devices, databases, windows and linux operating systems
- Experience in conducting red team assessment using tools such as Cobalt strike, NightHawk and Mythic
- Significant experience in web and mobile application penetration testing
- Experience with security assessment tools such as Burp Suite, Tenable Nessus, Qualys, Rapid 7 etc, as well as the associated methodologies
- Strong knowledge of attacker methodologies and tactics with experience in mitigating and addressing threats
- Intermediate experience in cloud penetration testing and its secure configuration review
- Experience with developing ransomware simulation script is a plus
- Experience in designing and implementing security architecture is a plus
- One or more technical security certifications is a plus: Offensive Security (OSCP, CRTO, OSEP, OSED, OSWE, OSCE, CRTO II, CRTP, CRTE)
- 5+ years of full-time dedicated experience in threat and vulnerability management focused roles
- Bachelor’s degree in Computer Science, Business information Systems, related field; or additional, relevant professional experience.
Benefits
- Competitive compensation package
- Inclusive employee benefits
- Flexibility programs that will help you thrive in work and life.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Director leading Information Security at KPMG Budapest, developing programs and policies to align with global priorities and strategy.
Senior Security Engineer responsible for deploying and maintaining endpoint security solutions. Collaborating across teams to enhance security posture and supporting incident response activities.
Administrative support role within MAHLE's Thermal and Fluid Systems unit, assisting the team with various operational tasks and employee interactions.
Senior Security Engineer at PagBank focusing on application security and secure development practices. Responsibilities include testing, vulnerability management, and collaboration with development teams.
Security Software Engineer at a tool - building company automating coding. Focused on shipping secure products covering enterprise security, cloud, and embedded protections.
Senior Product Cyber Security Systems Engineer at Sonova focusing on product security and cyber threats. Collaborating with teams to maintain robust security practices and compliance.
Threat Exposure Oversight Specialist enhancing security risk management in Cyber Defence team. Collaborating across functions to validate and document security controls and risks.
Lead Security Engineer at Octopus Energy, ensuring security in digital energy solutions and managing a team. Join us in revolutionizing the renewable energy transition.
Lead Information Security Analyst driving security improvements and team management at Octopus Energy. Join us in ensuring secure service delivery across our global operations.