EY Cyber Security Attack & Penetration Testing - Manager 

Philippines, Taguig 

762940080

• Job Title: TEM Manager
• Location: Philippines
• Line / SL: Tech Consulting/Cybersecurity
• Competency: Threat Exposure Management (TEM)

• The Threat and Exposure Management Manager is responsible for all internal Attack and Penetration operations and act as Local Engagement Manager.
• Manage all client engagement related activities.
• Effectively leverage the team composition to maximize the potential of each member in performing their tasks and review the output for the best quality.
• Demonstrate strong project management skills.
• Provide guidance and encourage continuous learning and development for the team. Collaborate with the team to build solutions for accomplishing engagement objectives.
• Maintain relationships with client management to manage expectations of the services.
• Identify issues and security flaws that impact client asset and businesses and provide up to date industry best practices in mitigating and reducing risk by remediating identified vulnerabilities.

• In-depth knowledge of OWASP Top 10 and CVEs, and the ability to effectively communicate methodologies and techniques with development teams and operations
• Work with computer systems and web applications and are comfortable using the following software and programs:
• Security assessment tools (such as Burp Suite, SQLmap, nmap, etc.)
• Operating systems (such as Linux, Unix, Windows) and web platforms (CMS, Apache, MS IIS, etc.)
• Programming languages and frameworks (such as SQL, C ++, JavaScript, Ruby, and Python)
• Network and Security Infrastructure:
• Knowledgeable in Firewall Appliance (such as Fortigate, Palo Alto, Cisco ASA,etc.)
• End-point Protection (such as Symantec, McAfee, Carbon Black, etc.)
• Knowledgeable in L2 and L3 Networking devices (Cisco, Juniper, etc.)
• Understanding of Networking concepts (TCP/IP model, OSI Layers, network protocols, routing protocols, TACACS, Radius, VPN (GRE/IPSEC tunnel), etc.
• Understanding of Wireless protocols (WPA, WPA2, WLAN, etc.)

• Bachelor's degree in BE / M Sc (Stats, Maths, Computer Science)
• For Manager level with equal or more than 7 years of experience:
• Knowledge of Windows, Linux, UNIX, any other major operating systems.
• Deep understanding of TCP/IP network protocols.
• Understanding of network security and popular attack vectors.
• Understanding of web-based application vulnerabilities (OWASP Top 10)
• Experience with manual attack and penetration testing.
• Experience with scripting and programming skills (e.g Python, Java, Perl, Powershell, etc)
• Experience to lead a technical team to conduct remote and on-site penetration testing within defined rules of engagement.
• Strong project and people management skills.

• Certifications such as OSCP, GWEB, CISSP, OSWP, GPEN, GWAPT, or other similar industry recognized certifications is nice to have

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.