EY
Cyber SDC - Attack & Penetration - Senior - Consulting - Location OPEN
EY, Seattle, Washington, us, 98127
Overview
Senior Consultant in Offensive Security within EY’s Service Delivery Center. You will lead and collaborate with a team of cybersecurity professionals to implement and manage offensive security initiatives, ensuring security measures are integrated throughout the software development lifecycle and optimizing service delivery processes. The opportunity includes managing and executing penetration testing, red teaming, and security assessments for clients, and driving automation of security processes to help clients build a more secure working world. Responsibilities
Lead, scope, and execute penetration testing projects across web applications (black box, white box, gray box), networks, cloud environments, hardware, and firmware. Develop and execute red team and purple team scenarios to identify gaps in organizational security postures and provide actionable recommendations. Produce in-depth penetration testing results with comprehensive reports detailing findings, exploitation procedures, risks, and recommendations. Stay current with emerging security threats, vulnerabilities, and industry best practices; promote continual learning within the team. Configure, manage, patch, and update penetration testing software and supporting infrastructure to ensure optimal performance and security. Contribute to operational metrics for client meetings, providing insights into tool performance and security findings. Qualifications
Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. Minimum of ten (10) years’ experience performing penetration tests; or minimum of five (5) years working in an electric utility in generation, or transmission & distribution performing penetration tests. Extensive experience with manual attack and penetration testing, including web applications, networks, and cloud environments. Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation of security tasks. Knowledge of Windows, Linux, Unix, and other major operating systems. Preferred
Certifications such as CCSP, CSSLP, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, CISSP, CISM, etc. Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, and open-source project involvement. Strong analytical skills with the ability to interpret complex information and communicate it effectively. Active interest in staying updated on cybersecurity threats and trends, promoting continual learning and adaptation. What We Look For
We seek top performers who possess a strong foundation in cybersecurity principles and practices, along with relevant certifications and experience. A proactive mindset, ability to build high performing teams, adaptability to evolving threats, and a commitment to continuous learning are critical attributes. We look for motivated individuals who are committed to safeguarding digital assets and fostering a culture of security awareness within the organization. What We Offer
Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We’ll provide tools and flexibility for you to make a meaningful impact, your way. Transformative leadership: Insights, coaching and confidence to succeed in high performing teams. Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs. EY offers a comprehensive compensation and benefits package, including a base salary range of $77,500 to $140,900 in most locations, with higher ranges for New York City Metro Area, Washington State and California. Total rewards include medical and dental coverage, pension and 401(k) plans, and paid time off. Our hybrid model expects most client-serving roles to work in person 40-60% of the time over a project or engagement. At EY, we focus on high ethical standards and integrity and provide reasonable accommodations for qualified individuals with disabilities. If you need assistance applying online or require accommodation during the application process, please contact EY’s Talent Shared Services. EY | Building a better working world
#J-18808-Ljbffr
Senior Consultant in Offensive Security within EY’s Service Delivery Center. You will lead and collaborate with a team of cybersecurity professionals to implement and manage offensive security initiatives, ensuring security measures are integrated throughout the software development lifecycle and optimizing service delivery processes. The opportunity includes managing and executing penetration testing, red teaming, and security assessments for clients, and driving automation of security processes to help clients build a more secure working world. Responsibilities
Lead, scope, and execute penetration testing projects across web applications (black box, white box, gray box), networks, cloud environments, hardware, and firmware. Develop and execute red team and purple team scenarios to identify gaps in organizational security postures and provide actionable recommendations. Produce in-depth penetration testing results with comprehensive reports detailing findings, exploitation procedures, risks, and recommendations. Stay current with emerging security threats, vulnerabilities, and industry best practices; promote continual learning within the team. Configure, manage, patch, and update penetration testing software and supporting infrastructure to ensure optimal performance and security. Contribute to operational metrics for client meetings, providing insights into tool performance and security findings. Qualifications
Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. Minimum of ten (10) years’ experience performing penetration tests; or minimum of five (5) years working in an electric utility in generation, or transmission & distribution performing penetration tests. Extensive experience with manual attack and penetration testing, including web applications, networks, and cloud environments. Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation of security tasks. Knowledge of Windows, Linux, Unix, and other major operating systems. Preferred
Certifications such as CCSP, CSSLP, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, CISSP, CISM, etc. Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, and open-source project involvement. Strong analytical skills with the ability to interpret complex information and communicate it effectively. Active interest in staying updated on cybersecurity threats and trends, promoting continual learning and adaptation. What We Look For
We seek top performers who possess a strong foundation in cybersecurity principles and practices, along with relevant certifications and experience. A proactive mindset, ability to build high performing teams, adaptability to evolving threats, and a commitment to continuous learning are critical attributes. We look for motivated individuals who are committed to safeguarding digital assets and fostering a culture of security awareness within the organization. What We Offer
Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We’ll provide tools and flexibility for you to make a meaningful impact, your way. Transformative leadership: Insights, coaching and confidence to succeed in high performing teams. Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs. EY offers a comprehensive compensation and benefits package, including a base salary range of $77,500 to $140,900 in most locations, with higher ranges for New York City Metro Area, Washington State and California. Total rewards include medical and dental coverage, pension and 401(k) plans, and paid time off. Our hybrid model expects most client-serving roles to work in person 40-60% of the time over a project or engagement. At EY, we focus on high ethical standards and integrity and provide reasonable accommodations for qualified individuals with disabilities. If you need assistance applying online or require accommodation during the application process, please contact EY’s Talent Shared Services. EY | Building a better working world
#J-18808-Ljbffr