Technology - Risk Services (Cybersecurity) Assistant Associate

Line of Service

Assurance

Industry/Sector

TMT X-Sector

Specialism

Product Innovation

Management Level

Associate

Job Description & Summary

We believe that challenges are best solved together. That’s why, when you join us, you become part of a diverse and global community of problem-solvers. You'll find an unexpected mix of people who bring their unique expertise to build trust in society and tackle important issues. Here, we welcome and encourage you to lead with value and inspiration, question and challenge assumptions, as well as embrace new opportunities to deliver quality outcomes in exciting and unexpected ways, all with the support of technology.

We work with our clients to build trust across their digital/technology-enabled businesses and address areas such as the loss or misuse of important data, failure to react to changes in the market, implementing and reviewing systems or business processes, while also verifying that third-party providers effectively manage and control current and future cybersecurity threats through rigorous penetration testing and red teaming exercises.

In the Cybersecurity team, we help clients to achieve their business objectives by providing various services such as penetration testing, red teaming, source code review, etc.

As an Assistant Associate, you’ll be exposed to a diverse scope of work, namely:

• Penetration Testing – you'll learn to identify and exploit vulnerabilities, helping clients secure their assets and protect sensitive data, all while gaining hands-on experience and growing professionally.

• Red Teaming – Simulate adversary tactics, techniques, and procedures to test organizational defenses, focusing on achieving specific objectives, conducting covert operations, and maintaining long-term access to compromised systems.

• Cybersecurity Assessment – Assess clients’ security posture through the performance of host configuration review against industry benchmarks, source code reviews, architecture review and cybersecurity risk assessment.

• Technology regulatory compliance review – Assess clients’ compliance against the technology regulations such as Singapore Cybersecurity Act and related Cybersecurity Codes of Practice, MAS Technology Risk Management Guidelines, MAS Cyber Hygiene, and more.

• Data privacy / protection – Advise clients on data privacy / protection measures impact through the study of their business and data processes based on data privacy regulations (e.g. Singapore Personal Data Protection Act, General Data Protection Regulation (GDPR)) and best practices.

Requirements

• Computer Science, Computer Engineering and Information Technology students from reputable local and overseas universities

• Knowledge of security testing tools (e.g. Kali Linux, Covenant, Metasploit, nmap, burp suite etc.)

• Knowledge of scripting programming languages (e.g. bash, python )

• Are keen to develop themselves in the profession

• Are highly motivated, enthusiastic, confident and creative

• Have a good co-curricular activities record

• Possess strong interpersonal and communication skills

• Are service-oriented and committed to teamwork and excellence

• Penetration testing specific certification such as CEH, CRT, OSCP etc. is an advantage.

• Participation in CTF, publicly discovered information security flaws and acknowledged CVE, published research or tool within offensive security domain is an advantage

 

Note:

• Please note we accept only one application per candidate. You may indicate your second preference in the same application. We recommend that you apply to your preferred position that closely aligns with your skills, passions and interests.

• You can indicate another role in the same application form. Duplicate entries will slow down your application with us.

• Kindly upload both your resume and degree audit or transcript in PDF format all under Resume attachment upload

• Kindly note only shortlisted candidates will be contacted.

 

Got a question? Email to [email protected].

 

There have been reports of scammers impersonating PwC HR professionals contacting individuals about fraudulent job opportunities using non-PwC domain email addresses and an overseas number. Please note that genuine communications from our HR team will only come from "@pwc.com" email address.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure, Operating Model, Optimism, Privacy and Security {+ 6 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

0%

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date