Ethical Hacker - Cardiff

  • Location


  • Sector:


  • Job ref:


  • Published:

    about 1 year ago

  • Expiry date:


  • Client:


A career in our Cyber Security practice, within the Ethical Hacking team, will provide you with the opportunity to assist clients in testing the effectiveness of their security controls in both the technology and human process spaces. No technology based solution can prevent human error so we work closely with our clients to become their trusted advisors offering far more than commodity penetration testing. Using blended teams of experts from across our Threat Intelligence, Incident Response, Software Assurance and Ethical Hacking teams we provide customised solutions that meet the business objectives of our clients.

The Ethical Hacking team include individuals with a variety of backgrounds, software development, computer networking, systems administration, hardware testing, reverse engineering, RF engineering and those that have spent their entire careers working in the cyber security industry. Our strength lies in our continuing expansion of our capabilities and our investment in training and research to ensure we develop our staff in to become truly world class experts in their chosen specialisms.

About the role

A Senior Associate in our Ethical Hacking team will be an expert in their field and will already be working at a level in line with CREST or CHECK industry standards in order to support our clients’ businesses. PWC support staff with training and revision time to enable them to progress through industry exams with a view to becoming part of the CHECK scheme to enable deployment on government and military projects. Staff will be required to undertake an SC level clearance as part of this role.

You will be a generalist with experience across both infrastructure and application testing but specialities in specific areas can be developed and honed as your career develops. This role would suit someone who is comfortable working across the hands on cyber security spectrum and disciplines. We will offer you opportunities to develop your skills in different areas of cyber security.

Duties and Responsibilities

In this role, you can expect to perform any of the following client delivery work

  • Infrastructure testing, both internal and external

  • Application testing of both web and proprietary applications and protocols

  • Mobile systems testing including RF and WiFi solutions

  • Hardware research and IoT attacks

  • Research into cryptography techniques and implementations

  • Research into novel techniques and capabilities

  • Report writing and customer delivery meetings

  • Training and mentoring of junior team members

  • Supporting other business teams such as Incident Response and Threat Intelligence

You can also expect to perform the following business development activities

  • Meet with clients to understand their needs and help produce proposals to address them

  • Develop toolkits and methodologies to enhance our sales and delivery capability

  • Contribute to research, public blogs and whitepapers to improve our public profile

  • Attend and speak at conferences within the Information Security community

  • Contribute to recruitment campaigns to identify future staff members

  • Collaborate to develop new and innovative security services for our clients

Essential skills and experience

As a minimum, candidates for this role must have the following

  • Some (however limited) practical experience of delivering ethical hacking services to customers

  • Strong academic background such as a Bachelor’s or Master’s degree in a science, technology or maths related subject (candidates without academic degrees must be able to demonstrate professional development and supporting vocational and industry qualification)

  • Excellent business writing skills, particularly report writing skills

  • A good understanding of IT infrastructure fundamentals such as networks, operating systems and databases

  • Knowledge of infrastructure and application security testing requirements and techniques

  • While not prerequisites, the following will be advantageous

  • Any cyber/information security certification (e.g. CREST, TIGER, Cyber Scheme, SANS, CISSP, CISA, CISM, GIAC)

  • Experience of internal or external consulting or audit engagements

  • Exposure to multi-tier, web based and cloud based IT architectures

  • Knowledge of security technologies (e.g. AV, SIEM, IDM, IPS, F/W, SSO, DLP)

Who we’re looking for

We are looking for individuals that thrive in a high tech, entrepreneurial environment such that they are comfortable working independently with little supervision and have a strong desire to learn and a willingness to share knowledge. We are looking for individuals who thrive in a team environment and who understand that we are far more than the sum of our parts when working collaboratively both with colleagues and also with clients and third parties.

People that succeed in our business have a passion for cyber security, are naturally inquisitive and get a buzz from solving complex problems. Furthermore, they have a good attention to detail allied with exceptional analytical and technical aptitude. Most of all, they are or have as a desire to be excellent communicators as we are in a business founded on strong relationships.

About PwC

We’re one of the world’s leading professional services organisations. From 158 countries, we help our clients, some of the most successful organisations on the globe, as well as its most dynamic entrepreneurs and thriving private businesses, to create the value they want. We help to measure, protect and enhance the things that matter most to them.

The skills we look for in future employees

All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, ‘The PwC Professional’ and are made up of five core attributes; whole leadership, technical capabilities, business acumen, global acumen and relationships.

Learn more here


We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool, as well as those who reflect the diverse nature of our society. And we aim to encourage a culture where people can be themselves and be valued for their strengths. Creating value through diversity is what makes us strong as a business and as an organisation with an increasingly agile workforce, we're open to flexible working arrangements where appropriate.

Learn more here