Overview
A Senior Associate in Cybersecurity & Privacy will support PwC Italy’s clients in building and strengthening their cybersecurity programs. The role involves developing transformation strategies, integrating technology systems, and safeguarding data against evolving threats.
Responsibilities
* Participate in the Ethical Hacking team, focusing on Vulnerability Assessment, Penetration Testing, Mobile Security Assessment, Secure Code Review, Network Security Assessment, Red/Purple Teaming, and Security‑by‑Design initiatives.
* Identify security vulnerabilities across web applications, infrastructure, network equipment, Wi‑Fi, mobile apps, APIs, etc.
* Conduct penetration and red‑teaming exercises from external and/or internal perspectives to achieve unauthorized access to IT systems.
* Prepare technical and executive‑level reports, providing actionable recommendations.
* Collaborate with internal and client development teams to formalize, implement, and verify security requirements under a Security‑by‑Design framework.
* Contribute to the evolution of test and reporting methodologies within the team.
* Participate in periodic e‑learning sessions (e.g., Global CTF) with the PwC Network.
Qualifications
* Preferable 4+ years of experience in the field, with consulting experience a plus.
* Bachelor’s degree preferred in Computer and Information Science, Information Technology, Computer Applications, Computer Engineering, or Information Security.
* Certifications such as OSCP, eJPT, GWAPT, or equivalent.
* Proficiency in Italian (written and spoken); English knowledge is a plus.
* Willingness to travel up to 60% of the time.
* Work visa sponsorship not available; government clearance not required.
Required Skills
* Accepting Feedback
* Active Listening
* Analytical Thinking
* Bash (Programming Language)
* Common Vulnerability Scoring System (CVSS)
* Communication
* Creativity
* Cybersecurity
* Embracing Change
* Emotional Regulation
* Empathy
* Encryption
* Ethical Hacking
* Firewall (Network Security)
* Inclusion
* Information Security
* Information Security Management System (ISMS)
* Information Security Risk Assessments
* Intellectual Curiosity
* Intrusion Detection System (IDS)
* IT Infrastructure
* Kali Linux
* Learning Agility
* Microsoft Active Directory
#J-18808-Ljbffr