Risk Services - Cybersecurity Testing Assistant Associate - 2026 Intake

Job Description

At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at www.pwc.com.

Our Risk Services Practice provides an invaluable safeguard in today’s complex operating environment with insights and independent assurance. We work with clients to deliver business control to help them to protect and strengthen every aspect of their business from people to performance, systems to strategy, business plans to business resilience. We help clients manage, mitigate and control risks from potential cybersecurity breaches to possible breaks in the supply chain. We assess and prepare businesses by looking into their technology, finance, data analytics, regulatory requirements, data security and privacy, internal audit, and the third parties our clients rely on, to help clients deliver quality results and meet their strategic objectives.

About the Role

We are looking for motivated and curious Polytechnic students to join PwC’s Cybersecurity – Security Testing Assistant Associate. The role offers an opportunity to gain hands-on experience in offensive security and security assessments — including Vulnerability Assessment and Penetration Testing (VAPT), Host Configuration Review (HCR), Source Code Review (SCR) and Red Teaming (RT) within a professional services environment.

In addition to supporting the team’s day-to-day security testing engagements, you will also have the opportunity to explore how Artificial Intelligence (AI) and automation tools can be used to improve productivity, streamline workflows, and enhance both our internal processes and our technical offensive security work.

Key Responsibilities

• Support the team in performing security assessments, including VAPT, HCR and SCR.
• Assist in Penetration Testing (PT) engagements across web, mobile, infrastructure and other targets — learning to identify, validate and safely exploit vulnerabilities.
• Support Red Teaming (RT) engagements by helping to simulate real-world adversary Tactics, Techniques and Procedures (TTPs) to test client detection and response capabilities.
• Assist in setting up test environments, executing test cases, analysing results, and documenting findings and recommendations.
• Help prepare clear, well-structured reports and supporting evidence for client deliverables.
• Conduct research on emerging cyber threats, vulnerabilities, tools and offensive security techniques.
• Explore and apply AI tools and automation to improve how we work; for example, building scripts, dashboards, or lightweight workflow automation that enhance team efficiency, reporting quality and knowledge sharing.
• Apply AI-assisted approaches to technical offensive security work where appropriate (e.g. reconnaissance, data analysis, tooling and payload/script generation etc.).
• Contribute ideas and work closely with team members on special projects related to security testing innovation, tooling and process transformation.

Who We’re Looking For

• Pursuing a Diploma in Cyber Security, Information Technology, Information Security, Computer Science, Computer Engineering, or related disciplines.
• Genuinely interested in offensive security, security testing, and how attackers think and operate.
• Curious about how AI and automation can be applied to both business/internal workflows and technical offensive security.
• Analytical, detail-oriented, and willing to learn and be challenged.
• Strong critical thinking and problem-solving skills.
• Good interpersonal and communication skills, with a collaborative, team-first mindset.
• Proactive, resourceful, self-driven and open to taking initiative.

Advantageous Qualifications

• Familiarity with common security testing tools (e.g. Kali Linux, Nmap, Burp Suite, Metasploit or similar).
• Basic scripting or programming ability (e.g. Python, Bash, PowerShell).
• Exposure to AI/LLM tooling (e.g. prompt engineering, using APIs, building simple AI-enabled scripts, dashboards or automations).
• Participation in Capture The Flag (CTF) competitions, bug bounty programmes, publicly discovered security flaws or acknowledged CVEs, or published research/tools in the offensive security space.
• Certifications such as eJPT, CEH, CRT, or OSCP — or equivalent self-driven learning — are a plus.

Education

Degrees/Field of Study required: Not specified

Degrees/Field of Study preferred: Not specified

Certifications

Not specified

Required Skills

Optional Skills

• Accepting Feedback
• Active Listening
• Bash (Programming Language)
• Common Vulnerability Scoring System (CVSS)
• Communication
• Cybersecurity
• Encryption
• Ethical Hacking
• Firewall (Network Security)
• Information Security
• Information Security Management System (ISMS)
• Information Security Risk Assessments
• Intellectual Curiosity
• Kali Linux
• MITRE ATT&CK Framework
• Network Security Assessment
• Network Security Penetration Testing
• Offensive Security
• Python
• PowerShell
• Shell Scripting
• Security Testing
• Software Development
• VAPT

Travel Requirements

0%

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date

Not specified