EY
Cyber SDC - WAM Penetration Tester - Senior - Location OPEN
EY, Phoenix, Arizona, United States, 85003
Overview
Location: Anywhere in Country Base pay range: $72,500.00/yr - $140,900.00/yr Title: Cybersecurity – Attack and Penetration Tester At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. The Opportunity
Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. You will be part of our Advanced Security Centers and help access the most sophisticated tools available to fight cybercrime. EY is a global leading service provider in this space, and you will be working with a collaborative team with ongoing career development and coaching. Your Key Responsibilities
As part of our Penetration Testing team, identify potential threats and vulnerabilities to operational environments. Projects may include penetration testing and simulating physical breaches to identify vulnerabilities. Research and discovery of new security vulnerabilities; contribute to knowledge sharing through conferences, white papers, or other industry channels. Plan, pursue, deliver and manage engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. Perform penetration testing which includes web application, API, and thick client testing. Provide technical leadership and advise junior team members on attack and penetration test engagements; may lead a team of testers on engagements. Analyze penetration testing results in depth and create reports describing findings, exploitation procedures, risks and recommendations. Execute penetration testing projects using established methodology, tools and rules of engagement. Convey complex technical security concepts to technical and non-technical audiences, including executives. To Qualify for the Role, You Must Have
A bachelor’s degree and at least 5+ years of related work experience. Experience with manual attack and penetration testing. Experience with scripting/programming skills (e.g., Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript). Updated familiarity with the latest exploits and security trends. Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT. Ideally, you’ll also have
A bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least 3+ years of related work experience, or a master’s degree with at least 2+ years of related experience in penetration testing including internet, intranet, web application testing, wireless, social engineering, and red team assessments. Contributions to the security community (research, public CVE disclosures, bug bounty acknowledgments, open-source involvement, publications, etc.). Understanding of web-based application vulnerabilities (OWASP Top 10). Strong analytical and problem-solving abilities; excellent written and verbal communication skills. Ability to work collaboratively in a team environment. What We Look For
We’re interested in intellectually curious people with a genuine passion for cybersecurity. With your specialization in attack and penetration testing, you’ll be encouraged to speak up with innovative ideas that could make a lasting difference to us and the industry. What We Offer You
We’ll develop you with future-focused skills and world-class experiences in a flexible, diverse, and inclusive culture of globally connected teams. Comprehensive compensation and benefits package, with base salary ranges applicable by geography (e.g., $72,500 to $140,900; higher ranges for NYC Metro Area, WA, CA). Total Rewards includes medical and dental coverage, pension and 401(k), and paid time off. Hybrid work model: client-facing roles typically involve 40-60% in-person collaboration. Flexible vacation policy and designated holidays; time off for personal/family care and other leaves to support well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications on an ongoing basis. For California residents, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world. EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. EY teams help clients shape the future with confidence and develop answers for today and tomorrow. EY offers equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis. EY is committed to providing reasonable accommodation to qualified individuals with disabilities, including veterans. If you need assistance applying online or need to request an accommodation, please call 1-800-EY-HELP or email the Talent Shared Services Team. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries
Professional Services
#J-18808-Ljbffr
Location: Anywhere in Country Base pay range: $72,500.00/yr - $140,900.00/yr Title: Cybersecurity – Attack and Penetration Tester At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. The Opportunity
Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. You will be part of our Advanced Security Centers and help access the most sophisticated tools available to fight cybercrime. EY is a global leading service provider in this space, and you will be working with a collaborative team with ongoing career development and coaching. Your Key Responsibilities
As part of our Penetration Testing team, identify potential threats and vulnerabilities to operational environments. Projects may include penetration testing and simulating physical breaches to identify vulnerabilities. Research and discovery of new security vulnerabilities; contribute to knowledge sharing through conferences, white papers, or other industry channels. Plan, pursue, deliver and manage engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. Perform penetration testing which includes web application, API, and thick client testing. Provide technical leadership and advise junior team members on attack and penetration test engagements; may lead a team of testers on engagements. Analyze penetration testing results in depth and create reports describing findings, exploitation procedures, risks and recommendations. Execute penetration testing projects using established methodology, tools and rules of engagement. Convey complex technical security concepts to technical and non-technical audiences, including executives. To Qualify for the Role, You Must Have
A bachelor’s degree and at least 5+ years of related work experience. Experience with manual attack and penetration testing. Experience with scripting/programming skills (e.g., Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript). Updated familiarity with the latest exploits and security trends. Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT. Ideally, you’ll also have
A bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least 3+ years of related work experience, or a master’s degree with at least 2+ years of related experience in penetration testing including internet, intranet, web application testing, wireless, social engineering, and red team assessments. Contributions to the security community (research, public CVE disclosures, bug bounty acknowledgments, open-source involvement, publications, etc.). Understanding of web-based application vulnerabilities (OWASP Top 10). Strong analytical and problem-solving abilities; excellent written and verbal communication skills. Ability to work collaboratively in a team environment. What We Look For
We’re interested in intellectually curious people with a genuine passion for cybersecurity. With your specialization in attack and penetration testing, you’ll be encouraged to speak up with innovative ideas that could make a lasting difference to us and the industry. What We Offer You
We’ll develop you with future-focused skills and world-class experiences in a flexible, diverse, and inclusive culture of globally connected teams. Comprehensive compensation and benefits package, with base salary ranges applicable by geography (e.g., $72,500 to $140,900; higher ranges for NYC Metro Area, WA, CA). Total Rewards includes medical and dental coverage, pension and 401(k), and paid time off. Hybrid work model: client-facing roles typically involve 40-60% in-person collaboration. Flexible vacation policy and designated holidays; time off for personal/family care and other leaves to support well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications on an ongoing basis. For California residents, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world. EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. EY teams help clients shape the future with confidence and develop answers for today and tomorrow. EY offers equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis. EY is committed to providing reasonable accommodation to qualified individuals with disabilities, including veterans. If you need assistance applying online or need to request an accommodation, please call 1-800-EY-HELP or email the Talent Shared Services Team. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries
Professional Services
#J-18808-Ljbffr