PwC Luxembourg is actively seeking a Pentester Web Consultant to join their dynamic team. This role offers an exciting opportunity to engage in critical web application penetration testing and cybersecurity consulting for a diverse client base, including major banks, European institutions, and public sector organizations. As a key member of the Offensive Security team, you will be instrumental in identifying and validating vulnerabilities before malicious actors can exploit them.
The position is highly hands-on, focusing on real-world vulnerability assessment, chaining realistic attack paths, and helping clients implement effective fixes for critical security issues. Whether you are a junior candidate with strong potential or a senior professional with proven skills in ethical hacking and API security testing, you will find ample opportunities to grow and make a significant impact within a team that values research, experimentation, and continuous knowledge sharing.
The team is dedicated to advancing digital security tradecraft, actively investing in R&D, and contributing to leading cybersecurity events and community knowledge. Join a collaborative environment where trust, flexibility, and balance are highly valued, working with a global network of cybersecurity experts to enhance our broader capabilities.

Eligibility / Qualification Required:

• Strong academic background in Computer Science, Network Engineering, Cybersecurity, Offensive Security, or a related field.
• Technical curiosity and a drive to understand how web applications fail and how attackers abuse them.
• Enjoy learning by doing and keen to sharpen offensive skills through real-world application security assessments.
• Experience level: from strong potential and first hands-on exposure for junior candidates to proven web application penetration testing experience for senior profiles.
• Hands-on familiarity with web testing tools and techniques, such as Burp Suite or equivalent, including intercepting and manipulating web traffic, manual testing, scripting, and vulnerability validation.
• Familiarity with common web application security standards, testing methodologies, and guidance, such as the OWASP Top 10, OWASP Testing Guide, and API security best practices, and the ability to apply them in practice.
• Solid understanding of web technologies, authentication mechanisms, modern application architectures, and common web application security concepts.
• Clear and professional communication skills in English, both verbally and in writing. Additional languages are a plus.
• Values ethics, discretion, and professionalism.
• Thrives both autonomously and as part of a strong team.
• For more senior profiles, comfort in leading client engagements, coordinating assessment activities, mentoring junior colleagues, and acting as a technical point of contact.

It's a Plus If You Have:

• Prior experience in offensive security, cybersecurity consulting, or hands-on web application security testing.
• Recognised certifications such as OSWE, OSCP, OSEP, or equivalent.
• Shared knowledge with the community through talks, blogs, tools, open source, research, or CVEs.
• An interest in offensive R&D and staying close to the evolution of web exploitation techniques and attacker tradecraft.
• Knowledge of the Luxembourg market and/or its regulatory environment.

General Conditions:

At PwC, diversity is highly valued, representing all characteristics that make individuals both alike and unique. This includes backgrounds, cultures, nationalities, lifestyles, identities, opinions, beliefs, approaches to problem-solving, ways of working, and views of personal and professional success. All these elements contribute significant value to the services delivered to clients.
PwC is committed to fostering an inclusive environment where a diversity mindset is ingrained, and inclusion is the norm, with a constant focus on respecting and valuing individual differences.

How to Apply:

The specific application method (e.g., online portal, email submission) is not explicitly detailed in the provided text. Interested candidates are encouraged to visit the PwC Luxembourg careers page or the relevant job posting for comprehensive application instructions.
To potentially expedite the application process, candidates may also attempt to solve the provided mini challenge: =QSb6hXflJGbqg3ftpCbkpSQNlUSVtFXbVlRTtESVJESGVVTf5lQI9VTVxlK/1GfgpiYzRieglmSrRmZ+9GajhnfkInZk9nK7tGZqI2ckoHYppUbo9ne8hmfkg3a8hWbrRmKmI2ckoHYpp0ZttGewh3c6RCewxXYkBnKmI2ckoHYpp0akhXftxXb4lGJrhGc8xmKzxHZwhnKrRmeqIGaGpyKstGa81GZzJWbk9mfrhmW
View Official Posting & Apply