Cyber Security Analyst - Penetration Testing jobs at Ey in Sri Lanka, Colombo

external scrutiny as regulation and practice continues to evolve. Responsible for developing
and overseeing the financial crime and fraud prevention framework, designed to ensure
client(s) are compliant, protected from risk and loss from financial crime.

As a part of our Global Managed Services Delivery team, you will be working with EY officesshort to long term engagements to provide assistance in establishing, maintaining anddrive change for the firm's banking, capital markets, insurance, and asset management clients

o Transaction Monitoring
o KYC Remediationo Payment screening filtering for Sanctions, PEPs and adverse mediao Look-back reviews and loan file reviews
o Compliance testing and FATCA
o Financial crime risk assessment reviews

Key Responsibilities

As a Financial Crime Compliance Analyst, you will predominantly support the compliance teamin the financial crime space. You will help businesses comply with financial crime regulationscounter-terrorist financing.

• Multi-task, learn on the job and work under pressure to meet strict deadlines in a fast-paced environment.
• Devising process documentation and translating complex processes into easy-to-follow
• Coordinating efforts with internal stakeholders as appropriate
• Work as a member of a team to ensure operational readiness of applications and processes required to conduct AML program requirements.
• Seek to understand the overall process and objective before beginning to work on a task.
• Escalate issues and problems, articulate clearly to leadership, onshore and client team.
• Demonstrate integrity, respect and be able to work collaboratively with team members.

Skills and Attributes for Success

o Time management skills to be able to manage deadline effectively.
o Exhibit analytical skills and attention to detail while maintaining a holistic view andlogical thinking.

To Qualify for the role, you must have

• 1-3 years of work experience in AML-Transaction Monitoring and KYC. Experience in compliance for Non-Financial Service Clients will be an added advantage.
• Strong academic background in Risk, Accounting, Finance, Economics, or a related financial field.
• Good understanding of banking industry, its products, and services.
• Strong presentation skills and proficiency in the use of Power Point, Word and Excel.
• Ability to work under pressure independently as well as collaboratively with the team.
• willingness to travel, within the country and internation as required

• Bachelor's /Master degree in finance, economics, law, or a related field.
• Experience in AML compliance, with a focus on transaction monitoring.
• Strong analytical skills and the ability to interpret complex financial data.
• Proficiency in transaction monitoring systems and other relevant technologies.
• Excellent communication skills, both written and verbal.
• Detail-oriented with strong organizational and time management skills.
• Ability to work independently and collaboratively within a team.

Proficiency in the following Financial Crime Areas will be an added advantage:
• Transaction Monitoring: Review suspicious transactions, including transfers, deposits, and withdrawals, to identify suspicious activity. This would also include:o Draft in-depth transaction review narratives in-line with the risk level and client requirements.

• AML – KYC: Conduct end-to-end KYC processes including enhanced due diligence across client types ranging from individuals to entities (trusts, LLP’s, Sole Proprietorships, etc); specifically:
o Conduct KYC processes for Retail and Institutional clients, ensuring adherence to regulatory standards and internal policies.
o Perform risk assessments for Corporate and Commercial Banking clients, identifying potential areas of risk.
o Contribute to the preparation and updating of KYC guidance documents to reflect current best practices and regulatory changes.
o Handle Enhanced Due Diligence (EDD) cases, including in-depth investigations into high-risk clients and complex ownership structures.

Ideally, you'll also have

• Good English communication skills - written as well as verbal.
• Possess energy, enthusiasm, and the courage to lead.

• Continuous learning: You'll develop the mindset and skills to navigate whatever comes
• Success as defined by you: We'll provide the tools and flexibility, so you can make a
• Transformative leadership: We'll give you the insights, coaching and confidence to be the
• Diverse and inclusive culture: You'll be embraced for who you are and empowered to useyour voice to help others find theirs.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations.

• Perform penetration testing which includes internet, intranet, web application, wireless, social engineering, physical penetration testing.
• Execute red team assessments to highlight gaps impacting organizations security postures.
• Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
• Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations.
• Execute penetration testing projects using the established methodology, tools and rules of engagements.
• Convey complex technical security concepts to technical and non-technical audiences including executives.
• Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams
• Ability to automate DAST/SAST solutions and reporting
• Support SDLC and agile environments with application security testing and source code reviews.
• Provide technical leadership and advise to junior team members on attack and penetration test engagements.
• Develop automated solutions that mitigate risks throughout the organization.
• Understanding and experience with Active Directory attacks.
• Understanding of TCP/IP network protocols.

• Understanding of web-based application vulnerabilities (OWASP Top 10).
• Good understanding of enterprise security controls in Active Directory / Windows environments
• Understanding of TCP/IP network protocols.
• Understanding of network security and popular attacks vectors.
• Ability to communicate detailed technical information to a non-technical audience clearly
• Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing
• Strong understanding of security principles, policies, and industry best practices
• Demonstrable flair for technical writing, including engagement reports, presentations and operating procedures

To qualify for the role, you must have

• BE/ B.Tech/ MCA.
• Minimum of 4 years of work experience in penetration testing which may include at least three of the following: internet, intranet, web application penetration tests, wireless, social engineering, physical and Red Team assessments.
• One of the following certifications: CEH, CRTE, eCPTX, eWPTX, OSCP, OSCE, OSEP, OSWE, CREST
• Knowledge of Windows, Linux, UNIX, any other major operating systems.
• 4-9 years of work experience in Strategy and Operations projects
• Strong Excel and PowerPoint skills.

Ideally, you’ll also have

• Project management skills
• Certifications: CISSP, GPEN, GWAPT.

What we look for

• Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

•Telephone and in-person support
•Agenda and supplies management
•Support in formatting documents (reports, proposals, presentations, etc.), particularly in Word and PowerPoint
•Billing
•Preparation of time control maps
•Travel booking;
•Support for small internal events
•Support in hiring/human resources processes
•Inherent administrative tasks
•Archive

•Proactive and autonomous
•Ability to adapt communication to different context and stakeholders
•Responsabilty
•Work method and priority management
•Rigor and focus on meeting deadlines
•Practical sense
•Resilience and stress management

•Bachelor or master’s degree
•At least 2 years of relevant experience in similar functions
•Advanced English skills
•Good knowledge of Microsoft Office

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Plus, we offer support and coaching; opportunities to develop new skills and progress your career; the freedom and flexibility to handle your role.
•: You’ll develop the mindset and skills to navigate whatever comes next.
•: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
•: We’ll give you the insights, coaching and confidence to be the leader the world needs.
•
Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

What we look for
Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you’ll be a confident team player equipped with strong people management skills and a genuine passion to make things happen in a dynamic organization. If you’re ready to take on a wide range of responsibilities and are committed to seeking out new ways to make a difference, this role is for you.

EY offers a competitive remuneration package commensurate with your work experience. Plus, we offer:
• Support, coaching and feedback from some of the most engaging colleagues around;
• Opportunities to develop new skills and progress your career;
• The freedom and flexibility to handle your role in a way that’s right for you.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

Your key responsibilities
• Perform penetration testing which includes internet, intranet, web application, wireless, social engineering, physical penetration testing.
• Execute red team assessments to highlight gaps impacting organizations security postures.
• Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
• Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations.
• Execute penetration testing projects using the established methodology, tools and rules of engagements.
• Convey complex technical security concepts to technical and non-technical audiences including executives.
• Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams
• Ability to automate DAST/SAST solutions and reporting
• Support SDLC and agile environments with application security testing and source code reviews.
• Provide technical leadership and advise to junior team members on attack and penetration test engagements.
• Develop automated solutions that mitigate risks throughout the organization.
• Understanding and experience with Active Directory attacks.
• Understanding of TCP/IP network protocols.

• Experience with automation through solutions such as Chef, Puppet, Jenkins, and Ansible.
• Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc.) updated and familiarized with the latest exploits and security trends.
• Familiarity with dynamic web application vulnerability scanning tools and services (Acunetix, HP WebInspect, IBM AppScan, BurpSuite, IBM AppScan)
• Familiarity with static code analysis tools and services (CheckMarx, Fortify Static Code Analysis tool, Veracode, Coverity, IBM AppScan Source)
• Familiarity with Secure DevOps Integration.
• Understanding and experience with Active Directory attacks.
• Understanding of TCP/IP network protocols.
• Understanding of network security and popular attacks vectors.
• Understanding of web-based application vulnerabilities (OWASP Top 10).
• Experience with scripting / programming skills (e.g., Python or PowerShell or Java or Perl etc.).

• BE/ B.Tech/ MCA.
• Minimum of 1 year of work experience in penetration testing which may include at least three of the following: internet, intranet, web application penetration tests, wireless, social engineering, physical and Red Team assessments.
• One of the following certifications: OSCP, OSWP, GPEN, GWAPT.
• Knowledge of Windows, Linux, UNIX, any other major operating systems.
• 2-4 years of work experience in Strategy and Operations projects
• Strong Excel and PowerPoint skills.

• Project management skills
• Certifications: OSCP, OSWP, GPEN, GWAPT.

What we look for

• Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

As part of our EY-cyber security team, Threat Detection & Response Operations Manager will lead Operations/Delivery for TDR engagements with end-to-end security incident investigation support ensuring client SLAs and KPIs leveraging multiple SIEM/EDR/NSM solutions.

We’re looking for Security Manger with expertise in SOC Operations & Delivery with hands-on knowledge on SIEM, EDR, NSM and Threat Intelligence solutions.

Your key responsibilities

• Oversee the process of detecting, reporting, and responding to security incidents, ensuring that the SOC team can effectively manage incidents when they occur.
• Responsible for managing the security tools and technologies used by the SOC team, ensuring that they are properly configured and maintained, and that they can effectively monitor and detect security threats.
• Lead and manage the Security operation centre primarily responsible for security event monitoring of client’s network
• Ensure that Service Level Agreements are defined, tracked, and met for all clients
• Provide technical leadership and advise to junior team members on SOC activities
• Revise Standard operation policies & procedures as required and ensure it is followed by the team
• Identify opportunities to improve security monitoring and operational tasks
• Convey complex technical security concepts to technical and non-technical audiences including executives.
• Develop and maintain productive working relationships with client personnel
• Oversee the daily SOC task that can be automated
• Provide both strategic view and benefits to client and work with limited resource to achieve it.

Skills and attributes for success

• Hands-on expertise of SIEM technologies such as Microsoft Sentinel, Splunk from a security analyst’s point of view
• Expert knowledge and experience in Security Monitoring
• Expert knowledge and experience in Cyber Incident Response
• Knowledge in cloud security and IOT/OT is a value add
• Knowledge in Network monitoring technology platforms such as Fidelis, ExtraHop, Darktrace etc
• Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Defender, CrowdStrike
• Ability to work with minimal levels of supervision or oversight.
• Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities.

To qualify for the role, you must have

• B. Tech./ B.E. with sound technical skills
• Ability to work in client time zone
• Strong command on verbal and written English language.
• Demonstrate both technical acumen and critical thinking abilities.
• Strong interpersonal and presentation skills.
• Minimum 10 years of Hands-on experience of operating/implementing/designing SIEM solutions and proven experience in Project Management.
• Certification in any of the SIEM platforms
• Knowledge of RegEx, Perl scripting and SQL query language is a value add.
• Certification – CISM, CEH, CISSP, GCIH, GIAC, SABSA, TOGAF.

What we look for

• Who has proven experience in Leading operations for SOC projects, with hands-on experience in SIEM configuration and setup.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

TDR SOC Senior

We’re looking for Security Analyst with expertise in SIEM, EDR and NSM solutions.

Your key responsibilities

• Operational support using SIEM solutions (Splunk, Sentinel), EDR (CrowdStrike, Defender, Carbon Black) and NSM (Fidelis, ExtraHop) for multiple customers.
• Specialized in second level incident validation and more detailed investigation
• Performs incident coordination and communication with client to ensure effective containment, eradication, and recovery
• SIEM support activities which includes adhoc reporting and basic troubleshooting
• Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements.
• Provide near real-time analysis, investigating, reporting, remediation, coordinating and tracking of security-related activities for customer

Skills and attributes for success

• Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities.
• Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from a Security analyst’s point of view
• Troubleshoot issues associated with SIEM solution.
• Ability to work with minimal levels of supervision or oversight.
• Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus
• Good knowledge and experience in Security Monitoring
• Good knowledge and experience in Cyber Incident Response
• Knowledge in ELK Stack
• Knowledge in Network monitoring technology platforms such as Fidelis XPS, ExtraHop
• Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike, Defender etc

To qualify for the role, you must have

• B. Tech./ B.E. with sound technical skills
• Ability to work in 24x7 shifts
• Strong command on verbal and written English language.
• Demonstrate both technical acumen and critical thinking abilities.
• Strong interpersonal and presentation skills.
• Minimum 3 years of Hands-on experience in SIEM/EDR/NSM solutions
• Certification in any of the SIEM platforms
• Knowledge of RegEx, Perl scripting and SQL query language.
• Certification - CCSA, CEH, CISSP, GCIH, GIAC.

Ideally, you’ll also have

• People/Project management skills.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

TDR SOC Senior

We’re looking for Security Analyst with expertise in SIEM, EDR and NSM solutions.

Your key responsibilities

• Operational support using SIEM solutions (Splunk, Sentinel), EDR (CrowdStrike, Defender, Carbon Black) and NSM (Fidelis, ExtraHop) for multiple customers.
• Specialized in second level incident validation and more detailed investigation
• Performs incident coordination and communication with client to ensure effective containment, eradication, and recovery
• SIEM support activities which includes adhoc reporting and basic troubleshooting
• Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements.
• Provide near real-time analysis, investigating, reporting, remediation, coordinating and tracking of security-related activities for customer

Skills and attributes for success

• Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities.
• Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from a Security analyst’s point of view
• Troubleshoot issues associated with SIEM solution.
• Ability to work with minimal levels of supervision or oversight.
• Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus
• Good knowledge and experience in Security Monitoring
• Good knowledge and experience in Cyber Incident Response
• Knowledge in ELK Stack
• Knowledge in Network monitoring technology platforms such as Fidelis XPS, ExtraHop
• Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike, Defender etc

To qualify for the role, you must have

• B. Tech./ B.E. with sound technical skills
• Ability to work in 24x7 shifts
• Strong command on verbal and written English language.
• Demonstrate both technical acumen and critical thinking abilities.
• Strong interpersonal and presentation skills.
• Minimum 3 years of Hands-on experience in SIEM/EDR/NSM solutions
• Certification in any of the SIEM platforms
• Knowledge of RegEx, Perl scripting and SQL query language.
• Certification - CCSA, CEH, CISSP, GCIH, GIAC.

Ideally, you’ll also have

• People/Project management skills.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.