EY
Cyber SDC - WAM Penetration Tester - Senior - Location OPEN
EY, Tulsa, Oklahoma, United States, 74145
Overview
Location: Anywhere in Country At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Title: Cybersecurity – Attack and Penetration Tester The Opportunity: Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together to assess, improve, build, and, in some cases, operate integrated security operations for our clients. You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime. We will support you with career-long training and coaching to develop your skills. EY is a global leading service provider in this space, offering a collaborative environment where the exceptional EY experience lasts a lifetime.
Responsibilities
As part of our Penetration Testing team, identify potential threats and vulnerabilities to operational environments. Projects may include penetration testing and simulating physical breaches to identify vulnerabilities. Perform penetration testing which includes web application, API, and thick client testing. Lead and/or contribute to penetration testing and red team engagements; provide technical leadership and mentor junior team members. Execute penetration testing projects using established methodologies, tools, and rules of engagement. Convey complex technical security concepts to technical and non-technical audiences including executives. Analyze penetration testing results in depth and create reports detailing findings, exploitation procedures, risks, and recommendations. Identify and exploit security vulnerabilities across a wide range of systems and environments.
Qualifications – To Qualify for the Role
A bachelor’s degree and at least 5+ years of related work experience Experience with manual attack and penetration testing Scripting/programming skills (eg, Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript, etc) Updated familiarity with the latest exploits and security trends Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT
Ideally, you’ll also have
A bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least 3+ years of related work experience, or a master’s degree with at least 2+ years of related work experience in penetration testing (internet, intranet, web applications, wireless, social engineering, and red team assessments) Contributions to the security community (research, CVEs, bug bounty, open-source, publications, etc.) Understanding of web-based application vulnerabilities (OWASP Top 10) Strong analytical and problem-solving abilities Excellent communication skills, both written and verbal Ability to work collaboratively in a team environment
What We Look For
We’re interested in intellectually curious people with a genuine passion for cyber security. With a specialization in attack and penetration testing, we look for individuals who can present innovative ideas that make a lasting difference to EY, the industry, and clients.
What We Offer You
Comprehensive compensation and benefits package with base salary ranges depending on location; Total Rewards includes medical and dental coverage, pension and 401(k), and paid time off options. Hybrid work model; most client-facing roles are expected to be in person 40-60% of the time over a project or engagement. Flexible vacation policy and designated holidays, with additional time off for personal/family needs and well-being.
Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an ongoing basis. For those living in California, please click here for additional information.
Equal Employment Opportunity
EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY provides equal employment opportunities without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities, including veterans with disabilities. If you need assistance applying online or require accommodation during any part of the application process, please contact EY’s Talent Shared Services team or the TSS email listed in the original posting.
#J-18808-Ljbffr
Location: Anywhere in Country At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Title: Cybersecurity – Attack and Penetration Tester The Opportunity: Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together to assess, improve, build, and, in some cases, operate integrated security operations for our clients. You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime. We will support you with career-long training and coaching to develop your skills. EY is a global leading service provider in this space, offering a collaborative environment where the exceptional EY experience lasts a lifetime.
Responsibilities
As part of our Penetration Testing team, identify potential threats and vulnerabilities to operational environments. Projects may include penetration testing and simulating physical breaches to identify vulnerabilities. Perform penetration testing which includes web application, API, and thick client testing. Lead and/or contribute to penetration testing and red team engagements; provide technical leadership and mentor junior team members. Execute penetration testing projects using established methodologies, tools, and rules of engagement. Convey complex technical security concepts to technical and non-technical audiences including executives. Analyze penetration testing results in depth and create reports detailing findings, exploitation procedures, risks, and recommendations. Identify and exploit security vulnerabilities across a wide range of systems and environments.
Qualifications – To Qualify for the Role
A bachelor’s degree and at least 5+ years of related work experience Experience with manual attack and penetration testing Scripting/programming skills (eg, Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript, etc) Updated familiarity with the latest exploits and security trends Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT
Ideally, you’ll also have
A bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least 3+ years of related work experience, or a master’s degree with at least 2+ years of related work experience in penetration testing (internet, intranet, web applications, wireless, social engineering, and red team assessments) Contributions to the security community (research, CVEs, bug bounty, open-source, publications, etc.) Understanding of web-based application vulnerabilities (OWASP Top 10) Strong analytical and problem-solving abilities Excellent communication skills, both written and verbal Ability to work collaboratively in a team environment
What We Look For
We’re interested in intellectually curious people with a genuine passion for cyber security. With a specialization in attack and penetration testing, we look for individuals who can present innovative ideas that make a lasting difference to EY, the industry, and clients.
What We Offer You
Comprehensive compensation and benefits package with base salary ranges depending on location; Total Rewards includes medical and dental coverage, pension and 401(k), and paid time off options. Hybrid work model; most client-facing roles are expected to be in person 40-60% of the time over a project or engagement. Flexible vacation policy and designated holidays, with additional time off for personal/family needs and well-being.
Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an ongoing basis. For those living in California, please click here for additional information.
Equal Employment Opportunity
EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY provides equal employment opportunities without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities, including veterans with disabilities. If you need assistance applying online or require accommodation during any part of the application process, please contact EY’s Talent Shared Services team or the TSS email listed in the original posting.
#J-18808-Ljbffr