FreeHire

PricewaterhouseCoopers (PwC)

Risk Services - Cyber Simulation Associate (July 2027 Intake)

Show

Line of Service

Assurance

Industry/Sector

TMT X-Sector

Specialism

Cybersecurity & Privacy

Management Level

Associate

Job Description & Summary

At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We're a tech-forward, people-empowered network with more than 364,000 people in 136 countries and 137 territories. Across audit and assurance, tax and legal, deals and consulting, we help clients build, accelerate, and sustain momentum. Find out more at www.pwc.com.

About Risk Services

Our Risk Services Practice provides an invaluable safeguard in today’s complex operating environment with insights and independent assurance. We work with clients to deliver business control to help them to protect and strengthen every aspect of their business from people to performance, systems to strategy, business plans to business resilience. We help clients manage, mitigate and control risks from potential cybersecurity breaches to possible breaks in the supply chain. We assess and prepare businesses by looking into their technology, finance, data analytics, regulatory requirements, data security and privacy, internal audit, and the third parties our clients rely on, to help clients deliver quality results and meet their strategic objectives.

Key Responsibilities:

As a Cyber Simulation Associate, you will be part of a dynamic team of risk management professionals with responsibilities in supporting the team in pre-sales and delivery of cybersecurity-themed exercises to our clients. Specific responsibilities include, but are not limited to:

  • Working with the team for the end-to-end conduct of cybersecurity exercises, including exercise planning, scenario development, and reporting.
  • Conducting current state discovery to understand the client’s technology infrastructure, cyber resilience programmes, incident response plans, and scenario-specific playbooks.
  • Designing exercise scenarios that are relevant to and aligned with the client’s specific environment and context.
  • Engaging relevant business, operational, technical, and management teams in preparing for the cybersecurity exercise.
  • Providing recommendations to the client on improvements to their existing setup and plans.
  • Playing a key role in supporting the team during the exercise day conduct.
  • Involvement in post-exercise debrief/after-action review workshops.
  • Developing the exercise report and providing observations and recommendations that are meaningful and relevant to the client’s context.
  • Presenting the exercise report and key observations to the relevant stakeholders, tailoring the messages based on the audience.
  • Proactive support in business development activities such as bid management, proposal formulation, and client presentations, including adhering to internal risk management and compliance policies.

What We Are Looking For

  • A degree in Computer Science, Computer Engineering, Information Technology, or a non-IT degree with a focus on cybersecurity from reputable local or international universities.
  • A keen interest in helping clients simulate cyber crisis scenarios through the conduct of Table-top Exercises (TTX), Command Post Exercises (CPX), and Ground Deployment Exercises (GDX).
  • Understanding of various cybersecurity Tactics, Techniques, and Procedures (TTPs) for different cyber threat actors.
  • Knowledge of cyber incident response and digital forensic investigation requirements.
  • Familiarity with the Cyber Kill Chain Methodology, MITRE ATT&CK Framework, and NIST Cybersecurity Framework (CSF).
  • A good team player.
  • Excellent communication, presentation, analytical, and organisational skills.
  • Ability to work on multiple concurrent projects with tight timelines and competing resources.

Advantageous to have:

  • Knowledge of technology systems, network and infrastructure, cybersecurity risks, and related control frameworks and practices (COCO, COSO, ISO, ITIL, CMM, COBIT, NIST, SANS, etc.).
  • Possession of certifications such as CISSP, GCFE, GREM, GCIA, GCIH, EnCE.

Application Notes

  • Please indicate your first-choice role and, where applicable, a second-choice role, based on your skills, interests, and career aspirations.
  • Only shortlisted candidates will be notified due to the high volume of applications.
  • Kindly upload both your resume and academic transcript/degree audit in PDF format

There have been reports of scammers impersonating PwC HR professionals contacting individuals about fraudulent job opportunities using non-PwC domain email addresses and an overseas number. Please note that genuine communications from our HR team will only come from "@pwc.com" email addresses.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

0%

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date