Job Description

Line of Service

Assurance

Industry/Sector

Not Applicable

Specialism

Assurance

Management Level

Associate

& Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

Those in application security at PwC will be responsible for providing security services to development teams including code scanning, readiness testing, and penetration testing to enable application teams to build and deploy secure applications in Production. You will utilise a risk-based methodology and "shift-left" approach to engage early in the software development lifecycle.

Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Apply a learning mindset and take ownership for your own development.
• Appreciate diverse perspectives, needs, and feelings of others.
• Adopt habits to sustain high performance and develop your potential.
• Actively listen, ask questions to check understanding, and clearly express ideas.
• Seek, reflect, act on, and give feedback.
• Gather information from a range of sources to analyse facts and discern patterns.
• Commit to understanding how the business works and building commercial awareness.
• Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements.

Responsibilities:

• Perform assessment / Design/ implementation related to cybersecurity:
  • Governance using various standards / frameworks such as NIST, ISO 27000 family, PCI-DSS, COBIT, CIS, and other established standards; or
  • Various application security and various infrastructure security (e.g operating System, database, firewall, switches, API and other security devices). This includes security assessment on web applications / infrastructures / clouds / mobile applications; or
  • Cloud security; or
  • Red teaming exercise; or
  • Cyber incident response, threat hunting and incident analysis; or
  • Operation Technology security (preferably in energy, mining, utilities and oil & gas industry).
• Interacting with clients on solutions and executing projects on client engagements, forming client relationships and demonstrating an understanding of the client’s business.
• Preparing concise and accurate documents / report, leveraging and utilizing MS Office (Word, Excel, Access, PowerPoint).

Requirements:

• Minimum Bachelor degree(s).
• Good professional reporting skills in Bahasa Indonesia and English
• Good knowledge of relevant cybersecurity standards / frameworks.
• Good experience and knowledge in the general IT technical and controls, network, and security best practises.
• Having related cybersecurity certificate is an advantage:
  • Cybersecurity Governance area: Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
  • Application and Infrastructure security area: Offensive Security Certified Professional (OSCP) or Offensive Security Certified Expert (OSCE).
  • Cloud security: Certified Cloud Security Professional (CCSP) or advanced security certification from Cloud Service Provider.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:Degrees/Field of Study preferred: Bachelor Degree - Information System

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Application Security, Application Security Assessment, Azure Data Factory, Cloud Application Development, Cloud Security, Coding Standards, Communication, Cybersecurity, DevOps Practices, Emotional Regulation, Empathy, Endpoint Security, Forensic Investigation, Hosting Controllers, Inclusion, Information Security, Intellectual Curiosity, LoadRunner (Software Testing Tool), Offensive Security, Optimism, Quality Assurance System Architecture, Quality Management {+ 25 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Up to 40%

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date