|Are you interested in the opportunity to work for an industry-leading company that services Fortune 500 companies, and will give you the experience and exposure you need to build your career? If you are, then PricewaterhouseCoopers LLP (www.pwc.com/us) is the firm for you. PricewaterhouseCoopers LLP (PwC US) is well placed to help clients meet the challenges and opportunities of the US marketplace in the areas of assurance, tax, and advisory. We offer the perspective of being part of a global network of firms combined with detailed knowledge of local, state and US national issues. More than 169,000 people in over 158 countries across the PwC network are committed to deliver quality in assurance, tax and advisory services. People across the PwC network share knowledge, experience and solutions to develop fresh perspectives and deliver practical advice.|
At PwC US, you will be part of a learning culture, where teamwork and collaboration are encouraged, excellence is rewarded, and diversity is respected and valued. We offer a flexible career progression model that allows for a variety of challenging opportunities throughout your career. We provide unparalleled coaching, mentoring, and career development programs; global opportunities; and state of the art technology-driven methodologies to help you provide quality service to our clients.
|Global IT is responsible for the success of our central technology efforts in our federated business model.|
The Security Compliance team is responsible for assessing member firms, Regional Data Centers, Service Delivery Centers and global applications for compliance with PwC's global Information Security Policy, and supporting where applicable, their compliance to ISO 27001 registration. The Security Services team is responsible for maintaining and enhancing the global ISP and supporting standards and supplements; supporting the member firms and global programmes in understanding and adhering to the ISP and supporting standards, and; sponsoring the deployment of tools and processes to monitor the security profile of the PwC network of firms.
|Basic Qualifications/Preferred Skills & Knowledge
Extensive knowledge of technical domains of application development such as SAP, PeopleSoft, J2EE, .Net, C++. Documentum, Websphere, SharePoint, Oracle, SQL, database tools, reporting tools, and other application tools/languages. Requires deep expertise of development methodologies such as Object Oriented, Rational Unified Process, Waterfall, Iterative, Agile, ERP, Maintenance, COTS implementation, Model-driven Architecture, etc.
Has deep expertise in particular technical domain area(s) and contributes to the development of technical standards and practices. Has deep expertise of System Development Life Cycle methodologies used with the technical domain.
Demonstrated ability to:
Analyze/translate business needs into effective technical solutions.
Resolve technical issues and researche industry best practices for the monitoring, support, maintenance, and implementation of applications.
Adhere to SDLC used for workstream development.
Document technical aspects of application development in work products used in SDLC.
Develop quality SDLC deliverables.
Support applications during implementations
Minimum Years of Experience Necessary:
Minimum Degree(s) and Certification(s) Required:
Undergraduate Degree (e.g., BA, BS) or 5+ years of IT Security experience
|Works with project teams to identify opportunities and provide recommendations on how application security can be built into project development. Interacts with PwC IT members and vendor on application projects to provide application threat vulnerability assessment.|
The TISCO finds security vulnerabilities in target systems, networks, and applications in order improve the security posture of mission critical applications within member firms or other clients. By identifying which flaws can be exploited to cause business risk, the pen tester provides crucial insights into the most pressing issues and suggests how to prioritize security resources.
Experience conducting vulnerability and penetration scans using tools such as Burpsuite, Nessus, BackTrack, .Net Reflector, IBM appscan, Accunetix, Qualys, AppDetective, a plus