EY Cyber SDC - Vulnerability Management Project 

United States, Texas, Dallas 

370738001

Your Key Responsibilities

• Developing rapport with others by demonstrating an understanding of their concerns, needs, and issues, and focusing on developing an internal network of relationships that can provide advice and support.
• Monitor progress, manage risk, and ensure key stakeholders are kept informed about progress and expected outcomes.
• Stay abreast of current business and industry trends relevant to the client's business and cybersecurity.
• Assist engagement teams in evaluating client vulnerability management programs across people, process, and technology.
• Work with engagement teams to own distinct portions of vulnerability management solutions tailored to client environments.
• Perform and control vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls.

Skills and Attributes for Success

• Familiarity with security and risk standards including -2, CIS, PCI DSS, NIST, ITIL, COBIT.
• Knowledge of Windows, Linux, UNIX, and any other major on-prem and cloud based operating systems.
• Hands on operational experience with vulnerability management tools (e.g., Qualys, Nexpose), including the ability to deploy, configure and run these tools.
• Ability to evaluate vulnerability management tools and assist with vendor selection.
• Ability to conduct root cause analysis against vulnerabilities and determine feasible technical solutions.
• Ability to help manage cybersecurity projects including development of project charters, plans and status updates.
• Experience with scripting / programming skills (e.g.,
• Experience with utilizing Microsoft Excel and/or PowerBi to develop vulnerability management program metrics.
• Familiarity with latest security vulnerabilities and exploits, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture.
• Experience with using factors such as EPSS, CVSS, CISA KEV and threat intelligence sources to identify and prioritize vulnerabilities.
• Proficient knowledge of CVE (Common Vulnerabilities and Exposures) and CWE (Common Weakness Enumerations) frameworks.
• Experience in developing and curating meaningful metrics for both executive and operational audiences, translating technical details into actionable

To qualify for the role, you must have

• Demonstrated experience in vulnerability management, including hands-on use of vulnerability management tools.
• Prior experience in providing Vulnerability Management services to clients from various industries, demonstrating versatility and adaptability in addressing diverse Vulnerability Management challenges.
• Strong written and verbal communication skills with demonstrated ability to interact with senior management, technical SMEs, business partners and influence decisions.
• Must be able to effectively communicate with business partners in non-technical terms.
• A willingness to travel to meet client needs.
• A valid driver's license in the US.

Ideally, also have

• Strong interpersonal and communication skills to collaborate with clients and present solutions.
• Ability to analyze issues both strategically and technically.
• Proven ability to influence decisions and work across multiple simultaneous initiatives.
• Prior consulting experience (preferred).
• Willingness to travel for client needs
• A cyber security certification such as the CISSP, CEH, or GSEC is a plus

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.