EY
Cyber SDC - Attack & Penetration - Senior - Consulting - Location OPEN
EY, Washington, District of Columbia, us, 20022
Overview
Join to apply for the
Cyber SDC - Attack & Penetration - Senior - Consulting - Location OPEN
role at
EY . Location: Anywhere in Country At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. What you’ll do
Manage and execute penetration testing, red teaming, and security assessments for clients. Lead and collaborate with a team of cybersecurity professionals to implement and manage offensive security initiatives. Perform penetration testing across web applications (black box, white box, gray box), networks, cloud environments, hardware, and firmware. Develop and execute red team and purple team scenarios to identify gaps in security postures and provide actionable recommendations. Create comprehensive reports detailing findings, exploitation procedures, risks, and recommendations; stay current with emerging threats and industry best practices. Support configuration, patching, and maintenance of penetration testing tools and supporting infrastructure to ensure optimal security and performance. Contribute to operational metrics for client meetings, providing insights into tool performance and security findings. Qualifications and attributes
Minimum 5+ years of experience in penetration testing or offensive security practices; proven success in delivering security assessments. Strong knowledge of automation tools and processes related to offensive security and application security. Excellent problem-solving skills and ability to manage multiple security projects concurrently. Effective communication skills to liaise with clients and internal stakeholders, translating complex technical concepts into understandable terms. Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field. Experience with scripting languages (e.g., Python, Bash, PowerShell) for automation of security tasks; knowledge of Windows, Linux, Unix, and other major operating systems. Nice-to-have
Certifications such as CCSP, CSSLP, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, CISSP, CISM, etc. Contributions to the security community, including research, CVE disclosures, bug bounty work, or open-source involvement. Active interest in staying updated on the latest cybersecurity threats and trends. What we offer
Competitive compensation and benefits; base salary ranges and total rewards are provided in the role description; eligibility for medical, dental, pension, 401(k), and paid time off. Hybrid work model with flexibility about in-person collaboration on engagements. Supportive, diverse, and inclusive culture focused on professional growth and leadership development. Equal Employment Opportunity
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities. If you need assistance applying online or require an accommodation during any part of the application process, please contact EY’s Talent Shared Services Team.
#J-18808-Ljbffr
Join to apply for the
Cyber SDC - Attack & Penetration - Senior - Consulting - Location OPEN
role at
EY . Location: Anywhere in Country At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. What you’ll do
Manage and execute penetration testing, red teaming, and security assessments for clients. Lead and collaborate with a team of cybersecurity professionals to implement and manage offensive security initiatives. Perform penetration testing across web applications (black box, white box, gray box), networks, cloud environments, hardware, and firmware. Develop and execute red team and purple team scenarios to identify gaps in security postures and provide actionable recommendations. Create comprehensive reports detailing findings, exploitation procedures, risks, and recommendations; stay current with emerging threats and industry best practices. Support configuration, patching, and maintenance of penetration testing tools and supporting infrastructure to ensure optimal security and performance. Contribute to operational metrics for client meetings, providing insights into tool performance and security findings. Qualifications and attributes
Minimum 5+ years of experience in penetration testing or offensive security practices; proven success in delivering security assessments. Strong knowledge of automation tools and processes related to offensive security and application security. Excellent problem-solving skills and ability to manage multiple security projects concurrently. Effective communication skills to liaise with clients and internal stakeholders, translating complex technical concepts into understandable terms. Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field. Experience with scripting languages (e.g., Python, Bash, PowerShell) for automation of security tasks; knowledge of Windows, Linux, Unix, and other major operating systems. Nice-to-have
Certifications such as CCSP, CSSLP, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, CISSP, CISM, etc. Contributions to the security community, including research, CVE disclosures, bug bounty work, or open-source involvement. Active interest in staying updated on the latest cybersecurity threats and trends. What we offer
Competitive compensation and benefits; base salary ranges and total rewards are provided in the role description; eligibility for medical, dental, pension, 401(k), and paid time off. Hybrid work model with flexibility about in-person collaboration on engagements. Supportive, diverse, and inclusive culture focused on professional growth and leadership development. Equal Employment Opportunity
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities. If you need assistance applying online or require an accommodation during any part of the application process, please contact EY’s Talent Shared Services Team.
#J-18808-Ljbffr