Cybersecurity Threat & Vulnerability Manager Cyber Security Technology Consulting Advisory

Threat and Vulnerability Manager

Work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. The role focuses on identifying, assessing, and mitigating threats and vulnerabilities across clients' organizations while aligning with PwC's global leadership framework.

Key Responsibilities

• Conduct security assessments, red team exercises, web application penetration testing, vulnerability assessment and secure configuration reviews to identify risks and recommend appropriate remediation measures.
• Advise clients on relevant regulations, standards and best practices (e.g., NIS2, ISO27001, NIST).
• Help build and grow the TVM team and service offerings.
• Support implementation of advanced red team infrastructure.
• Identify and evaluate latest technologies, tools and methods.
• Maintain awareness of emerging threats and new compliance requirements relevant to penetration testing.

Qualifications

• Strong experience in offensive security, including development of payloads and obfuscation tools to evade modern EDRs.
• Proven leadership in managing diverse teams with ability to lead, mentor and develop talent.
• Significant experience implementing red team infrastructure.
• Experience conducting regular vulnerability scans, penetration tests and secure configuration reviews of network devices, databases, Windows and Linux operating systems.
• Experience with red team tools such as CobaltStrike, NightHawk, Mythic.
• Significant experience in web and mobile application penetration testing.
• Proficiency with security assessment tools (BurpSuite, Tenable Nessus, Qualys, Rapid7, etc.) and associated methodologies.
• Strong knowledge of attacker methodologies and tactics with experience mitigating threats.
• Intermediate experience in cloud penetration testing and secure configuration review.
• Experience developing ransomware simulation scripts is a plus.
• Experience designing and implementing security architecture is a plus.
• At least5years full time dedicated experience in threat and vulnerability management focused roles.
• Bachelor's degree in Computer Science, Business Information Systems or related field - or equivalent relevant professional experience.
• At least one technical security certification (e.g., OSCP, CRTO, OSEP, OSED, OSWE, OSCE, CRTOII, CRTP, CRTE) is a plus.

Benefits

Competitive compensation, inclusive employee benefits and flexibility programs designed to help you thrive in work and life.

Equal Opportunity

We are an equal opportunity employer and value diversity. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We are committed to providing reasonable accommodations for candidates with disabilities to participate in the application or interview process and perform essential job functions.