EY Manager Cybersecurity Offensive Sec / Red teaming 

Netherlands, North Holland, Amsterdam 

11398073

With rapidly changing cybersecurity threats, clients from all industries look to us for trusted solutions for their increasingly complex risks. As a member of our Cyber team you’ll have the opportunity help clients gain insights into their cybersecurity program and strategy as a whole. You will have access to our robust solutions to advise clients on managing cybersecurity risk, enhancing maturity, and improving efficiency. You will belong to an international connected team of specialists helping our clients with their most complex cybersecurity needs and contributing toward their business resilience.Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. As part of our Cyber Threat Management team, you’ll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing, red teaming and simulating physical breaches to identify vulnerabilities.

Responsibilities– How can you make a lasting impact in a rapidly changing world?

• You’ll work with our practice in Amsterdam, and have a leading role on threat management projects. Within projects you may have the following responsibilities:
• Lead penetration testing projects which includes internet, intranet, wireless, web application, social engineering and physical penetration testing.
• Lead and execute red team scenarios to highlight gaps impacting organizations security postures.
• Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements.
• Provide technical leadership and advise to consultants and senior consultants on attack and penetration test engagements.
• Lead the analyses of code (security code review)
• Lead the identification and exploitation of security vulnerabilities in a wide array of systems in a variety of situations.
• Review and perform in-depth analysis of penetration testing results and oversee reporting that describes findings, exploitation procedures, risks and recommendations.
• Lead penetration testing projects using the established methodology, tools and rules of engagements.
• Convey complex technical security concepts to technical and non-technical audiences including executives.

Job requirements– Where do you start if you want to change the world?

• .Bachelors degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering or a related major with a minimum of 5 to 10 years of related work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and Red Team assessments.
• Experience with manual attack and penetration testing.
• Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc).
• Updated and familiarized with the latest exploits and security trends.
• Experience to lead a technical team to conduct remote and on-site penetration testing within defined rules of engagement.
• Familiarity to perform network penetration testing in stealth manner.
• Any two of the following certifications OSCP, GPEN, GWAPT, OSCE, OSEE, GXPN.
• A driver’s license valid in The Netherlands
• Willingness and ability to travel within The Netherlands to meet client needs.
• Strong client services orientation and accustomed to taking a proactive role in engagements
• Flexible, responsible and self-confident personality, who feels comfortable in client’s environment
• Knowledge of Windows, Linux, Unix, any other major operating systems
• Familiarity with the latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends in Cloud implementations.
• Deep understanding of TCP/IP network protocols.
• Deep understanding and experience with various Active Directory attack techniques.
• Understanding of network security and popular attacks vectors.
• An understanding of web-based application vulnerabilities (OWASP Top 10).

We offer an attractive employment package that rewards individual and team achievements:

• • Vitality: the choice is yours. An online session with an external vitality coach, practical tips on topics such as nutrition, energy, sleep and mindset, a discount at Healthcity and/or a voucher card to rent a padel court.
  • Flexible working: you decide where and when you work in consultation with your team. At home, at the office, at the client or from another European country (up to 20 working days per year).
  • Home office arrangement: to optimize your home office, EY provides the following resources for you: office chair, sit/stand desk, an external monitor, a desk lamp, a (Bluetooth) headset, and a large external keyboard.
  • Birth leave: EY will pay 100% of the birth leave, in the case of an additional birth leave, EY will pay 70% of the salary.

For a full overview of our employment package click here:

Recruitment procedure

Due to laws and regulations, and because EY (and in some cases its clients) has high demands on the reliability and integrity of its employees, every new employee will be screened. Depending on your rank the pre-employment screening could contain the following: Certificate of Conduct (in Dutch: VOG) or - if requesting a Dutch VOG is not possible - Criminal Background Check of the country you are currently living or have lived during the last five years, integrity questionnaire, verification of ID, diploma’s and/or work experience and consultation of the Dutch insolvency registry.