
Risk Services - Red Team Consultant (Associate / Senior Associate / Assistant Manager)
Job Description
Line of Service
AssuranceIndustry/Sector
TMT X-SectorSpecialism
Cybersecurity & PrivacyManagement Level
Senior AssociateJob Description & Summary
At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at www.pwc.com.We are looking for an experienced offensive security professional to take on a role in delivering end-to-end Security Testing engagements (Red Teaming, Purple Teaming, BAS, Penetration Testing, Cloud Security, AI Security etc.) while contributing to business development efforts. The ideal candidate combines strong technical expertise in security assessments with proven project management capabilities. This role sits within our Technology Risk Services practice, where the team helps organizations analyze and strengthen the security posture of their information technology systems and environments.
Red Team consultant should have hands-on experience in offensive security operations along with a solid understanding of attacker tactics, techniques, and procedures (TTPs). This role combines offensive security expertise with strong communication skills to work closely with blue teams to strengthen monitoring, detection, and response capabilities.
Emulate real-world threat actors and their behaviour through tactics, techniques and procedures (TTPs) on clients’ environment.
Conduct purple team exercises in collaboration with blue team to assess detections, improve logging coverage, and enhance response processes.
Use frameworks such as MITRE ATT&CK to map adversary techniques
Work with PwC’s threat intelligence team to support attack simulation/emulations operations
Develop custom tools, payloads and automation scripts to support engagements where appropriate.
Stay updated with emerging threats, adversary tradecraft, and offensive security techniques
Conducting vulnerability assessment and penetration testing (VAPT) and source code review when required
Deal with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients
Develop comprehensive and accurate reports and presentations for both technical and executive audiences
Preferred qualifications & Requirements:
Bachelor’s degree in a technical discipline (or equivalent work experience)
1-5 years of relevant offensive security experience (depending on the grade A/SA/AM)
Experience in consulting or client-facing cybersecurity roles
Ability to write clear technical documentation and deliver findings to clients or internal stakeholders
Knowledge of detection engineering, hypothesis driven threat hunting, and SOC workflows
Familiarity with adversary emulation plans and intelligence-driven testing
Experience with CI/CD security, container security, and cloud-native environments.
Understanding of malware analysis, reverse engineering, or exploit development is a plus
Minimally possess OSCP / CREST CRT certifications
Candidates with relevant certifications such as OSCP, OSEP, CRTO, CRTE, OSED, CREST CRT/CCT, CARTP/CARTE, Azure/AWS security certifications are preferred
As the team experience high volume of applications, we regret to inform you that only shortlisted candidates will be notified.
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Bash (Programming Language), Common Vulnerability Scoring System (CVSS), Communication, Creativity, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Encryption, Ethical Hacking, Firewall (Network Security), Inclusion, Information Security, Information Security Management System (ISMS), Information Security Risk Assessments, Intellectual Curiosity, Intrusion Detection System (IDS), IT Infrastructure, Kali Linux, Learning Agility, Microsoft Active Directory {+ 25 more}Desired Languages (If blank, desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship?
YesGovernment Clearance Required?
NoJob Posting End Date