At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at www.pwc.com. We are looking for an experienced offensive security professional to take on a role in delivering end-to-end Security Testing engagements (Red Teaming, Purple Teaming, BAS, Penetration Testing, Cloud Security, AI Security etc.) while contributing to business development efforts. The ideal candidate combines strong technical expertise in security assessments with proven project management capabilities. This role sits within our Technology Risk Services practice, where the team helps organizations analyze and strengthen the security posture of their information technology systems and environments. Red Team consultant should have hands-on experience in offensive security operations along with a solid understanding of attacker tactics, techniques, and procedures (TTPs). This role combines offensive security expertise with strong communication skills to work closely with blue teams to strengthen monitoring, detection, and response capabilities. Emulate real-world threat actors and their behaviour through tactics, techniques and procedures (TTPs) on clients’ environment. Conduct purple team exercises in collaboration with blue team to assess detections, improve logging coverage, and enhance response processes. Use frameworks such as MITRE ATT&CK to map adversary techniques Work with PwC’s threat intelligence team to support attack simulation/emulations operations Develop custom tools, payloads and automation scripts to support engagements where appropriate. Stay updated with emerging threats, adversary tradecraft, and offensive security techniques Conducting vulnerability assessment and penetration testing (VAPT) and source code review when required Deal with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
Key Responsibilities:
Line of Service
Assurance
Industry/Sector
TMT X-Sector
Specialism
Cybersecurity & Privacy
Management Level
Senior Associate
Job Description & Summary
At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at www.pwc.com.
We are looking for an experienced offensive security professional to take on a role in delivering end-to-end Security Testing engagements (Red Teaming, Purple Teaming, BAS, Penetration Testing, Cloud Security, AI Security etc.) while contributing to business development efforts. The ideal candidate combines strong technical expertise in security assessments with proven project management capabilities. This role sits within our Technology Risk Services practice, where the team helps organizations analyze and strengthen the security posture of their information technology systems and environments.
Red Team consultant should have hands-on experience in offensive security operations along with a solid understanding of attacker tactics, techniques, and procedures (TTPs). This role combines offensive security expertise with strong communication skills to work closely with blue teams to strengthen monitoring, detection, and response capabilities.
- Emulate real-world threat actors and their behaviour through tactics, techniques and procedures (TTPs) on clients’ environment.
- Conduct purple team exercises in collaboration with blue team to assess detections, improve logging coverage, and enhance response processes.
- Use frameworks such as MITRE ATT&CK to map adversary techniques
- Work with PwC’s threat intelligence team to support attack simulation/emulations operations
- Develop custom tools, payloads and automation scripts to support engagements where appropriate.
- Stay updated with emerging threats, adversary tradecraft, and offensive security techniques
- Conducting vulnerability assessment and penetration testing (VAPT) and source code review when required
- Deal with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
Preferred qualifications & Requirements:
- Bachelor’s degree in a technical discipline (or equivalent work experience)
- 1-5 years of relevant offensive security experience (depending on the grade A/SA/AM)
- Experience in consulting or client-facing cybersecurity roles
- Ability to write clear technical documentation and deliver findings to clients or internal stakeholders
- Knowledge of detection engineering, hypothesis driven threat hunting, and SOC workflows
- Familiarity with adversary emulation plans and intelligence-driven testing
- Experience with CI/CD security, container security, and cloud-native environments.
- Understanding of malware analysis, reverse engineering, or exploit development is a plus
- Minimally possess OSCP / CREST CRT certifications
- Candidates with relevant certifications such as OSCP, OSEP, CRTO, CRTE, OSED, CREST CRT/CCT, CARTP/CARTE, Azure/AWS security certifications are preferred
As the team experience high volume of applications, we regret to inform you that only shortlisted candidates will be notified.
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Bash (Programming Language), Common Vulnerability Scoring System (CVSS), Communication, Creativity, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Encryption, Ethical Hacking, Firewall (Network Security), Inclusion, Information Security, Information Security Management System (ISMS), Information Security Risk Assessments, Intellectual Curiosity, Intrusion Detection System (IDS), IT Infrastructure, Kali Linux, Learning Agility, Microsoft Active Directory {+ 25 more}
Desired Languages (If blank, desired languages not specified)
Travel Requirements
Not Specified
Available for Work Visa Sponsorship?
Yes
Government Clearance Required?
No
Job Posting End Date
Eligibility / Qualification Required:
- Bachelor’s degree in a technical discipline (or equivalent work experience)
- 1-5 years of relevant offensive security experience (depending on the grade A/SA/AM)
- Experience in consulting or client-facing cybersecurity roles
- Ability to write clear technical documentation and deliver findings to clients or internal stakeholders
- Knowledge of detection engineering, hypothesis driven threat hunting, and SOC workflows
- Familiarity with adversary emulation plans and intelligence-driven testing
- Experience with CI/CD security, container security, and cloud-native environments.
- Understanding of malware analysis, reverse engineering, or exploit development is a plus
- Minimally possess OSCP / CREST CRT certifications
- Candidates with relevant certifications such as OSCP, OSEP, CRTO, CRTE, OSED, CREST CRT/CCT, CARTP /CARTE, Azure/AWS security certifications are preferred
General Conditions:
- As the team experiences a high volume of applications, only shortlisted candidates will be notified.
- Travel Requirements: Not Specified
- Available for Work Visa Sponsorship: Yes
- Government Clearance Required: No
How to Apply:
- No specific application method or destination is provided in the text.
View Official Posting & Apply