I am a penetration tester - sometimes known as an ethical hacker! This involves testing out our clients’ defences and trying to break into their networks. We have to be creative with our methods - from directly hacking code to trying social engineering methods - trying to act as much like a real-life attacker as possible to see what vulnerabilities they may be exposed to, without causing any harm. We then look at how best to take action to try and avoid the real hackers getting access in future.
There isn't really a typical day which is part of what I enjoy. Sometimes I'm in our lab at PwC trying to remotely access a client network, or I might be on-site inside a client’s data centre plugging into their servers. I'll sometimes also have client kick-off or debrief meetings in the office just like any other PwC project team. I have a testing laptop as well as my normal laptop, so sometimes it's hard to remember to check emails if I get really into the testing I am doing.
For me, it’s all about the challenge. Every network is different so it's all about figuring out what techniques to use to try and get the most access and prove what an attacker may be able to do, without actually damaging the client's network.
Problem-solving skills are essential, as is persistence - not giving up on trying to get access in whichever way you can.
I did a maths degree at university and also love programming so did a few computer science modules on the side. I joined PwC on the cyber security graduate scheme in 2014 and moved into ethical hacking after being here for about 6 months - I had a lot to learn but it’s great fun!
Problem-solving skills are essential, as is persistence - not giving up on trying to get access in whichever way you can. I'd also say passion; being passionate and enjoying what you do is the key to enjoying your career I think! I’m now doing a masters in Information Security at Royal Holloway through PwC to continue my learning of some of the theory behind the technicalities.
The best advice I've been given is to do what I enjoy. It sounds so simple but I think if you care about and enjoy what you do then the rest can follow!