United States, District Of Columbia, Penetration Tester jobs
EY Cyber SDC - Attack & Penetration Senior Consulting Location ... United States, Texas, Dallas
Share
As a Senior Consultant in Offensive Security within our Service Delivery Center, you will play a pivotal role in enhancing our clients' security posture through proactive threat assessments and vulnerability management. You will lead and collaborate with a team of cybersecurity professionals to implement and manage offensive security initiatives, ensuring that security measures are integrated throughout the software development lifecycle while optimizing service delivery processes.
In this role, you will manage and execute penetration testing, red teaming, and security assessments for our clients. You will work closely with cross-functional teams to identify vulnerabilities, develop mitigation strategies, and ensure that security practices align with industry standards. Your expertise will drive the team’s efforts in automating security processes and help our clients build a more secure working world.
Your Key Responsibilities
- Lead, scope, and execute penetration testing projects, including web applications (including black box, white box, and gray box assessments), networks, cloud environments, hardware, and firmware.
- Develop and execute red team and purple team scenarios to identify gaps in organizational security postures and provide actionable recommendations.
- Perform in-depth penetration testing results create comprehensive reports detailing findings, exploitation procedures, risks, and recommendations.
- Stay current with emerging security threats, vulnerabilities, and industry best practices, and promote continual learning within the team.
- Assist in configuring, handling, patching, and updating penetration testing software an supporting infrastructure to ensure optimal performance and security.
- Contribute to the creation and updating of operational metrics for client meetings, providing insights into tool performance and security findings.
Skills and Attributes for Success
- Proven experience in penetration testing and offensive security practices, with a minimum of 5+ years of related work experience.
- Strong knowledge of automation tools and processes, particularly in the context of offensive security and application security.
- Excellent problem-solving skills and the ability to manage multiple security projects simultaneously.
- Effective communication skills to liaise with clients and internal stakeholders, translating complex technical concepts into understandable terms.
To qualify for the role, you must have
- Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
- A minimum of ten (10) years’ experience performing penetration tests; or a minimum of five (5) years working in an electric utility in generation, or transmission & distribution performing penetration tests
- Extensive experience with manual attack and penetration testing, including web applications, networks, and cloud environments.
- Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation of security tasks.
- Knowledge of Windows, Linux, Unix, and other major operating systems.
Ideally, you’d also have
- Certifications such as CCSP, CSSLP, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, CISSP, CISM, etc.
- Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, and open-source project involvement.
- Strong analytical skills with the ability to interpret complex information and communicate it effectively.
- Active interest in staying updated on the latest cybersecurity threats and trends, promoting continual learning and adaptation.
What We Offer
- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to succeed in high performing teams.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
What we offer you
At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn .
- We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $77,500 to $140,900. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
- Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
- Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
These jobs might be a good fit
EY Service Delivery Center - QA Automation Tester Senior Charlo... United States, North Carolina, Charlotte
Share
Service Delivery Center Senior – Financial Services Organization – QA Automation Tester
See examples of our work here:
And hear us talk about leading technology, our patented technology and thought leadership here:
Most of our projects are built in Java but you will also be exposed to different technologies including web (Angular, React, etc), other languages (.NET, python, etc), web/microservices and databases. A key part of innovation is using the right tool for the job so you’ll always have opportunity to learn and leverage new technology as it comes out such as machine learning, natural language processing (NLP) and data analytics. Our clients look to us to solve their problems not just deploy software they could do themselves so this means you’ll be expected to build custom frameworks, tools and utilities such as custom automation drivers, JSON and XML parsers, integrations between tools and extend existing frameworks to provide new, cutting edge technologies.
Most of our work is specifically aimed at accelerating and enhancing software testing. Manual testing can be inefficient and many of today’s complex systems and technologies can’t be tested manually. Even traditional automated testing is outdated so it’s our job to build new tools and technology to do it better.
Your Key Responsibilities
Everything you’ll do will come back to providing exceptional testing subject matter expertise and solving complex problems that make a difference for our clients. Colleagues and clients from a diverse array of backgrounds will look to you first for answers, so you’ll be a high-profile contact when it comes to resolving complex issues. As you build your knowledge and experience, you’ll become a credible advisor, influencing clients and engagement teams on resolutions that will impact entire industries.
Skills and attributes for success
- Works directly with the client engagement and delivery center leadership teams on executing the Engagement Management Framework
- Conduct tests and undertake analysis of results to ensure that software meets or exceeds specified standards and/or client requirements
- Planning, designing and implementing tools or assets to solve complex problems, including primarily custom Java-based tools and frameworks
- Developing client relationships across multiple levels and support sales efforts
- Contributes consistently to the development of technical solutions throughout the solution delivery center
- Leads team meetings (e.g., status meetings)
- Provides detailed review of team’s work product (i.e., associates and analysts)
- Produces high-quality deliverables with no supervision
To qualify, you must have
- Bachelor's degree in Computer Science, Engineering, Accounting, Finance or a related field and approximately 3 years of relevant work experience
- Passion and interest for solving problems using technology
- Seeing problems as challenges and opportunities, not roadblocks
- Technical knowledge with all aspects of the software lifecycle including design, architecture, development and testing
- 3 years of experience and strong knowledge in Java and OOP concepts
- Knowledge in common Java libraries and concepts such as linked hash maps, serialization, etc
- Experience in Java development and architecture best practices
- At least 2 years of experience with test automation using tools such as Junit, Selenium, RESTAssured, Karate
- Experience on API integrations with hands on experience in implementing API and integration automation processes
- At least 2 years of experience with at least 3 of these concepts:
- Design, implementation and usage of complex test automation frameworks
- Data querying (Example: SQL)
- Data analytics and statistics (variant distribution, data sampling, trend analysis, predictive modeling or forecasting)
- Any sub-area or use case of Artificial Intelligence (machine learning, natural language processing, etc)
- CICD implementations and tools (example: Jenkins, Ansible, GitLab)
- Working knowledge in web technologies such as Angular, React, HTML/CSS, etc
- Innovative and creative mind to think outside of the box
- Resourceful and able to find possible solutions to problems individually and within a team
- Coaching teams members with a goal of fostering an innovative and inclusive team-oriented work environment
- Sharing your knowledge and developing engagement tools and enablers to build capability for the practice
- Developing client relationships across multiple levels and support sales efforts
- Effectively leading and mentoring others technically and professionally
Ideally, you’ll also have
- Certifications or degree specializations in application development, analytics, test automation or artificial intelligence preferred
- SonarCube experience is a plus
What we look for
We’re interested in leaders with a genuine creative vision and the confidence to make it happen. You can expect plenty of autonomy and variety in this role, so you’ll also need the ability to be nimble, take initiative and seek out opportunities to improve our current relationships and prioritize participation in practice initiatives that will generate a long term pipeline of sales for the firm. If you’re serious about progressing and ready to take on some of our clients’ most complex issues, this role is for you.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Make your mark.
What we offer you
At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn .
- We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $67,000 to $136,800. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $80,300 to $155,300. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
- Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
- Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
These jobs might be a good fit
Palo Alto District Sales Manager United States, Arizona, Phoenix
Share
Being the cybersecurity partner of choice, protecting our digital way of life.
Your Career
We are looking for a proven first-line sales leader with great energy, leadership, and initiative to drive team performance and revenue growth for our sales team. This role will entail:
- Deeply understanding your customers’ needs by doing the research to develop insight into their priorities
- Bring support to your team by participating in and leading prospect meetings
- Deep dive into weekly territory pipeline and forecasting activities to coach direct reports on strategies to drive closure
- Actively engage in territory planning and development, relationship development and opportunity to drive revenue by supporting and assisting your team in closing opportunities
- Lead a high-performance sales culture that delivers results in bookings, sales development, and forecast accuracy while simultaneously mentoring and developing your team
- In-depth technical knowledge of our portfolio with the ability to take a holistic approach to help solve our customers' problems
- Drive and oversee team selling opportunities
- Holds team and self accountable to achieve challenging goals while maintaining a forward-thinking approach when faced with setbacks
- Ability to communicate with leaders at all levels, including C-suite and establishes open and trusting relationships
- Successfully influences others through change management
- Development of a winning team, including recruiting, hiring and training while upholding our core values
Your Experience
- Experience and knowledge of SaaS-based architectures, ideally in a networking and/or security industry
- Experience with channel and partner sales models
- Proven leader with the ability to create high performing teams in a rapidly growing sales environment.
- Year over year track record of successful sales pipeline management and results
- Highly driven individual with an execution focus and a strong sense of urgency with an entrepreneurial mindset
- Track record of consistently delivering revenue numbers and goals while maintaining a focus on team development and growth.
- Capable of successfully managing significant client escalations and issues
- Excellent at influencing others, both externally and internally; ability to communicate effectively and build consensus across various functional groups to achieve goals
- You're a leader and you know that to get the best results, you also have to be a great team player, building excellent rapport and collaboration with cross-functional teams
All your information will be kept confidential according to EEO guidelines.
This role may require travel to and from Palo Alto Networks, Inc. business meetings and events and requires reliable transportation to do so. If a hire chooses to drive in connection with company business, the hire for this role must maintain a valid driver’s license.
These jobs might be a good fit
EY Service Delivery Center QA Automation Tester Senior - Charlo... United States, North Carolina, Charlotte
Share
Withing our IFRS team you will act as an IFRS expert for our audit team and your client portfolio. You will have the following tasks & responsibilities:
• Acting as an expert regarding all IFRS related questions (related to a transaction or an audit).
• You ensure the follow-up of the IFRS developments & external publications to be able to advice clients correctly on the impact of these changes on their daily financial management.
• You support the audit teams with IFRS assignments.
• You review the financial reports of performed audits.
• Analytical mindset.
• Attention to detail.
• A strong work ethic.
• Hands-on and pragmatic attitude.
• Focused on continuous improvement.
• Efficient and innovative.
• Creative, proactive, team player and critical thinking.
• Dedicated, innovative, resourceful, analytical, and able to work under pressure.• You have an Academic education in Economics, Finance, Accounting, or similar fields of study.
• You have at least 2 years of professional experience in a domain relevant to IFRS.
• You have a good knowledge and interest of IFRS standards and SNC.
• You have a passion for IFRS and are willing to continuously keep your knowledge up to date with the new evolvements.
• You are a results-oriented team player; and
• You have an upper intermediate English level and be fluent in Portuguese.• Knowledge in USGAAP.
• Interest on problem solving situations with autonomy to research and discuss potential solutions.
• Good technical writing and presentation skills.
What we look for
An effective communicator and you’ll be a confident team player equipped with strong people management skills; Creative, proactive, a team player, and able to work under pressure. It’s important to have a strategically focused mindset and the ability to deliver multiple projects and present information in a clear and concise manner. Business mindset and some commercial acumen. We value a strong work ethic, forward-thinking, and being a self-starter; If you’re ready to take on a wide range of responsibilities and are committed to seeking out new ways to make a difference, this role is for you.
What we offer
We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Plus, we offer support and coaching, opportunities to develop new skills and progress your career, and the freedom and flexibility to handle your role in a way that’s right for you.
• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
These jobs might be a good fit
Bank Of America Financial Center Manager - Boston District United States, Massachusetts, Boston
Share
Job Description:
Job Description:
This job is responsible for managing a financial center and its employees on a day-today basis. Key responsibilities include operating as a business owner and fostering a team environment, instilling an effective client-centric and risk culture in the center, and helping clients achieve the financial goals. Job expectations include ensuring operational excellence and cohesive effectiveness.
Responsibilities:
• Develops talent, including proactive sourcing of candidates
• Manages client traffic, engaging and appropriately routing clients, and fostering client retention
• Manages business results through formalized management routines and coaching
• Creates a world class client experience environment
• Manages market-level initiative prescribed by market leaders
• Drives operational excellence by engaging employees on business strategy
• Manages organizational priorities and effective execution
Managerial Responsibilities:
This position may also have responsibilities for managing associates. At Bank of America, all managers at this level demonstrate the following responsibilities, in addition to those specific to the role, listed above.
• Breaks down barriers to create a more inclusive environment that supports company D&I goals
• Challenges end-to-end process efficiency and effectiveness, champion data driven decision-making and removes obstacles to optimize operations
• Contributes to enterprise strategy and influence messaging to connect team contributions to business purpose, results, and success
• Inspects and challenges risk controls, governance and culture to ensure the timely identification, escalation, debate and remediation of risk across the organization
• Coaches to sustain and elevates organizational performance while differentiating to ensure pay for performance
• Efficiently allocates and manages resources across the organization to drive short and long term profitability
• Inspects and manages the health of the bench to ensure succession for the organization, while supporting enterprise talent needs
• Mobilizes organizational resources to deliver the full range of the bank’s capabilities to meet client needs and to gain competitive advantage4
Required Qualifications:
• 1+ years leadership experience demonstrated through one or a combination of the following: coaching, training, or motivating a diverse work team
• Is an enthusiastic, highly motivated self-starter with a strong work ethic and intense focus on results, acting in the best interest of the client.
• Collaborates effectively to get things done, building and nurturing strong relationships.
• Displays passion, commitment and drive to deliver an experience that improves our clients’ financial lives.
• Is confident in identifying solutions for clients based on their needs and can resolve problems independently or bring in others as needed.
• Communicates effectively and confidently, and is comfortable engaging all clients.
• Has the ability to learn and adapt to new information and technology platforms.
• Applies strong critical thinking and problem-solving skills to meet clients’ needs.
• Will follow established processes and guidelines in daily activities to do what is right for clients and the bank, adhering to all applicable laws and regulations.
• Efficiently manages your time and capacity.
• Can manage complexity, prioritize tasks, delegate and execute in a fast-paced environment.
• Can interpret performance results, find opportunities to drive success and hold others accountable to results.
• Can be flexible to work weekends and/or extended hours as needed.
Desired Qualifications:
• 1+ years management experience including hiring, coaching, and developing direct reports
• Experience in financial services and knowledge of financial services industry, products and solutions.
• Experience working in an environment with individual and team goals where goals were routinely met or exceeded.
• Bilingual skills.
• Customer Service Management
• Performance Management
• Coaching
• Customer and Client Focus
• Talent Development
• Risk Management
• Sales Performance Management
• Business Operations Management
• Recruiting
• Result Orientation
• Referral Management
• Leadership Development
• Inclusive Leadership
• Prioritization
• Problem Solving
Minimum Education Requirement:
• High School Diploma / GED / Secondary School or equivalent
These jobs might be a good fit
EY Cyber SDC - Attack & Penetration Exp Staff Consulting Locati... United States, Texas, Dallas
Share
As a Senior Consultant in Offensive Security within our Service Delivery Center, you will play a pivotal role in enhancing our clients' security posture through proactive threat assessments and vulnerability management. You will lead and collaborate with a team of cybersecurity professionals to implement and manage offensive security initiatives, ensuring that security measures are integrated throughout the software development lifecycle while optimizing service delivery processes.
In this role, you will manage and execute penetration testing, red teaming, and security assessments for our clients. You will work closely with cross-functional teams to identify vulnerabilities, develop mitigation strategies, and ensure that security practices align with industry standards. Your expertise will drive the team’s efforts in automating security processes and help our clients build a more secure working world.
Your Key Responsibilities
- Lead, scope, and execute penetration testing projects, including web applications (including black box, white box, and gray box assessments), networks, cloud environments, hardware, and firmware.
- Develop and execute red team and purple team scenarios to identify gaps in organizational security postures and provide actionable recommendations.
- Perform in-depth penetration testing results create comprehensive reports detailing findings, exploitation procedures, risks, and recommendations.
- Stay current with emerging security threats, vulnerabilities, and industry best practices, and promote continual learning within the team.
- Assist in configuring, handling, patching, and updating penetration testing software an supporting infrastructure to ensure optimal performance and security.
- Contribute to the creation and updating of operational metrics for client meetings, providing insights into tool performance and security findings.
Skills and Attributes for Success
- Proven experience in penetration testing and offensive security practices, with a minimum of 5+ years of related work experience.
- Strong knowledge of automation tools and processes, particularly in the context of offensive security and application security.
- Excellent problem-solving skills and the ability to manage multiple security projects simultaneously.
- Effective communication skills to liaise with clients and internal stakeholders, translating complex technical concepts into understandable terms.
To qualify for the role, you must have
- Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
- A minimum of three (3) years’ experience in incident response or performing penetration tests; or a minimum of one (1) year working in an electric utility in the area of generation, or transmission & distribution performing penetration tests
- Extensive experience with manual attack and penetration testing, including web applications, networks, and cloud environments.
- Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation of security tasks.
- Knowledge of Windows, Linux, Unix, and other major operating systems.
Ideally, you’d also have
- Certifications such as CCSP, CSSLP, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, CISSP, CISM, etc.
- Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, and open-source project involvement.
- Strong analytical skills with the ability to interpret complex information and communicate it effectively.
- Active interest in staying updated on the latest cybersecurity threats and trends, promoting continual learning and adaptation.
What We Offer
- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to succeed in high performing teams.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
What we offer you
At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn .
- We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $61,200 to $100,500. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $73,100 to $113,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
- Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
- Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
These jobs might be a good fit
Palo Alto Cortex Cloud District Sales Manager Strategics West United States, Colorado, Denver
Share
Being the cybersecurity partner of choice, protecting our digital way of life.
Your Career
The role involves simulating, automating, and developing proof-of-concepts for known threats and offensive tools to evaluate new feature security coverage and detection quality, aligned with the Kill Chain/MITRE ATT&CK Framework and real-world threats. We need an experienced Security Researcher with a deep background in offensive security concepts and a strong interest in Linux, Cloud, and macOS platforms.
You will conduct Linux security evaluations, research innovations to enhance our security solutions, and find innovative yet practical solutions to contemporary problems. You will also develop custom tools and advanced in-house security capabilities to continuously validate our product's defenses.
Your Impact
- Work hand-in-hand with the Cortex Agent release team. This role demands applied research synchronized with our delivery schedule, ensuring that every feature release is validated against the latest threats prior to launch.
- Drive our threat simulation automation strategy by researching and developing new tools and capabilities that emulate real-world adversary behavior.
- Enrich our Security Automation Coverage and infrastructure to protect against known and unknown threats.
- Thrive in a fast-paced, high-impact environment, mastering new security features, technologies, and complex platforms (from kernel to Kubernetes) quickly.
- Conduct hands-on research to identify real-world Malware, exploits, and novel attack vectors, then create and code PoCs to test our defenses.
- Act as a key research partner with engineering teams to push and validate our product capabilities.
- Leverage data-driven approaches to identify threats and propose effective mitigations.
Your Experience
- 5+ years of hands-on experience in security research, offensive security, or security development.
- Strong, practical development skills (Python, C, Go, Git are advantages) for automating attack tools, building PoCs, and creating testing infrastructure.
- Extensive knowledge of Linux internals ("under the hood").
- Proven ability to adapt, learn quickly, and switch contexts between complex technical domains (e.g., from kernel research to cloud-native security).
- Experience with Linux eBPF and modern kernel technologies.
- Experience with Linux namespaces & cgroups.
- Familiarity with Managed and Unmanaged Kubernetes solutions.
- Ability to work independently and as part of a team, managing fast-paced tasks and stressed time constraints while maintaining focus.
Advantages
- Knowledge of Cloud Workloads such as GCP, AWS, Azure
- Strong debugging skills with various tools on different Linux platforms
- Experience with reversing tools such as IDA Pro, Strace, etc
All your information will be kept confidential according to EEO guidelines.
These jobs might be a good fit
Share
As a Senior Consultant in Offensive Security within our Service Delivery Center, you will play a pivotal role in enhancing our clients' security posture through proactive threat assessments and vulnerability management. You will lead and collaborate with a team of cybersecurity professionals to implement and manage offensive security initiatives, ensuring that security measures are integrated throughout the software development lifecycle while optimizing service delivery processes.
In this role, you will manage and execute penetration testing, red teaming, and security assessments for our clients. You will work closely with cross-functional teams to identify vulnerabilities, develop mitigation strategies, and ensure that security practices align with industry standards. Your expertise will drive the team’s efforts in automating security processes and help our clients build a more secure working world.
Your Key Responsibilities
- Lead, scope, and execute penetration testing projects, including web applications (including black box, white box, and gray box assessments), networks, cloud environments, hardware, and firmware.
- Develop and execute red team and purple team scenarios to identify gaps in organizational security postures and provide actionable recommendations.
- Perform in-depth penetration testing results create comprehensive reports detailing findings, exploitation procedures, risks, and recommendations.
- Stay current with emerging security threats, vulnerabilities, and industry best practices, and promote continual learning within the team.
- Assist in configuring, handling, patching, and updating penetration testing software an supporting infrastructure to ensure optimal performance and security.
- Contribute to the creation and updating of operational metrics for client meetings, providing insights into tool performance and security findings.
Skills and Attributes for Success
- Proven experience in penetration testing and offensive security practices, with a minimum of 5+ years of related work experience.
- Strong knowledge of automation tools and processes, particularly in the context of offensive security and application security.
- Excellent problem-solving skills and the ability to manage multiple security projects simultaneously.
- Effective communication skills to liaise with clients and internal stakeholders, translating complex technical concepts into understandable terms.
To qualify for the role, you must have
- Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
- A minimum of ten (10) years’ experience performing penetration tests; or a minimum of five (5) years working in an electric utility in generation, or transmission & distribution performing penetration tests
- Extensive experience with manual attack and penetration testing, including web applications, networks, and cloud environments.
- Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation of security tasks.
- Knowledge of Windows, Linux, Unix, and other major operating systems.
Ideally, you’d also have
- Certifications such as CCSP, CSSLP, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, CISSP, CISM, etc.
- Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, and open-source project involvement.
- Strong analytical skills with the ability to interpret complex information and communicate it effectively.
- Active interest in staying updated on the latest cybersecurity threats and trends, promoting continual learning and adaptation.
What We Offer
- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to succeed in high performing teams.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
What we offer you
At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn .
- We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $77,500 to $140,900. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
- Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
- Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
These jobs might be a good fit
