המקום בו המומחים והחברות הטובות ביותר נפגשים
In response to strong market demand, EY has ambitious plans to expand our already market leading Cybersecurity practice. We continue to build our Cybersecurity practice and are now looking for strong individuals with experience in attack and penetration testing, vulnerability assessments and Red Teaming. By joining us now, you will be part of our exciting growth strategy where you will get the opportunity to develop it in line with your own interests.
• Coordinate Red Team assessments with internal and/or external stakeholders.
• Execute Red Team assessments based on the MITRE ATT&CK framework and Cyber Kill Chain, including OSINT, phishing campaigns, persistence, lateral movement and data exfiltration.
• Perform in-depth analysis of results and create a report that describes findings, exploitation procedures, risks and recommendations.
• Convey complex technical security concepts to technical and non-technical audiences, including executives.
• Ability to work both independently as well as work together as a team of technical testers on Red Team engagements.
• Provide technical leadership and advise junior team members on Red Team engagements.
• Conduct security research to devise new attack techniques.
• Stay current with the latest exploits and security trends.
Skills and Attributes for Success
• Bachelor's or Master’s degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering or a related major.
• A minimum of 3 years of related work experience in penetration testing and/or Red Teaming.
• Relevant certifications such as: CRTO, CRTL, CRTP, CRTE, OSCP, OSEP, OSWP, GPEN, GXPN, CCSAM, CCSAS or similar.
• Deep understanding and experience within an (Azure) Active Directory environment and how to exploit it.
• Experience with the latest EDR/AV evasion techniques.
• Having knowledge of the MITRE ATT&CK framework and Cyber Kill Chain methodology.
• Hands-on experience with Command & Control frameworks such as Cobalt Strike.
• Experience with manual attack and penetration testing on various types of systems.
• Experience with physical intrusion techniques is a plus.
• Experience with scripting / programming skills. (e.g., Python, PowerShell, Java, Perl, Ruby etc.)
• Experience with vulnerability scanning tools. (e.g. Nessus, Sqlmap, nmap, Burpsuite Pro, ZAP, etc.)
• You will join a dynamic & young team, that is exclusively focused on innovation.
• Interact with the newest products & technologies and create a better customer experience.
• We offer you an attractive remuneration package: competitive salary, net allowances and extensive fringe benefits like company car with fuel card, smart phone, health insurance, pension plan, etc.
• We offer extensive personal development training budget.
• We are proud of our flexible working arrangements. We will support you to build a successful career and deliver excellent client service without sacrificing your personal priorities. While our client-facing profession might require regular travel, and at times working at client sites, we are committed to help you achieve a work-life balance.
• At EY we are passionate about the inclusion and support of individuals of all groups; we do not discriminate on the basis of race, religion, gender, sexual orientation, or disability status.
משרות נוספות שיכולות לעניין אותך