Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

EY Manager Cybersecurity Offensive Sec / Red teaming 
Netherlands, North Holland, Amsterdam 
106497913

15.09.2024

With rapidly changing cybersecurity threats, clients from all industries look to us for trusted solutions for their increasingly complex risks. As a member of our Cyber team you’ll have the opportunity help clients gain insights into their cybersecurity program and strategy as a whole. You will have access to our robust solutions to advise clients on managing cybersecurity risk, enhancing maturity, and improving efficiency. You will belong to an international connected team of specialists helping our clients with their most complex cybersecurity needs and contributing toward their business resilience.Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. As part of our Cyber Threat Management team, you’ll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing, red teaming and simulating physical breaches to identify vulnerabilities.


Responsibilities– How can you make a lasting impact in a rapidly changing world?

  • You’ll work with our practice in Amsterdam, and have a leading role on threat management projects. Within projects you may have the following responsibilities:
  • Lead penetration testing projects which includes internet, intranet, wireless, web application, social engineering and physical penetration testing.
  • Lead and execute red team scenarios to highlight gaps impacting organizations security postures.
  • Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements.
  • Provide technical leadership and advise to consultants and senior consultants on attack and penetration test engagements.
  • Lead the analyses of code (security code review)
  • Lead the identification and exploitation of security vulnerabilities in a wide array of systems in a variety of situations.
  • Review and perform in-depth analysis of penetration testing results and oversee reporting that describes findings, exploitation procedures, risks and recommendations.
  • Lead penetration testing projects using the established methodology, tools and rules of engagements.
  • Convey complex technical security concepts to technical and non-technical audiences including executives.

Job requirements– Where do you start if you want to change the world?

  • .Bachelors degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering or a related major with a minimum of 5 to 10 years of related work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and Red Team assessments.
  • Experience with manual attack and penetration testing.
  • Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc).
  • Updated and familiarized with the latest exploits and security trends.
  • Experience to lead a technical team to conduct remote and on-site penetration testing within defined rules of engagement.
  • Familiarity to perform network penetration testing in stealth manner.
  • Any two of the following certifications OSCP, GPEN, GWAPT, OSCE, OSEE, GXPN.
  • A driver’s license valid in The Netherlands
  • Willingness and ability to travel within The Netherlands to meet client needs.
  • Strong client services orientation and accustomed to taking a proactive role in engagements
  • Flexible, responsible and self-confident personality, who feels comfortable in client’s environment
  • Knowledge of Windows, Linux, Unix, any other major operating systems
  • Familiarity with the latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends in Cloud implementations.
  • Deep understanding of TCP/IP network protocols.
  • Deep understanding and experience with various Active Directory attack techniques.
  • Understanding of network security and popular attacks vectors.
  • An understanding of web-based application vulnerabilities (OWASP Top 10).

We offer an attractive employment package that rewards individual and team achievements:

  • Vitality: the choice is yours. An online session with an external vitality coach, practical tips on topics such as nutrition, energy, sleep, and mindset and/or a voucher card to rent a padel court.
  • Flexible working: you decide where and when you work in consultation with your team. At home, at the office, at the client or from another European country (up to 20 working days per year).
  • Home office arrangement: to optimally set up your home office, EY has the following resources available for you: office chair, sit/stand desk, external monitor, desk lamp, (Bluetooth) headset and a large external keyboard
  • Laptop and smartphone: you are entitled to a laptop and smartphone with a business subscription.
  • Salary: in addition to your fixed salary, depending on EY's financial performance, you may be eligible for a bonus. You are also entitled to an expense allowance (depending on the function) and an internet allowance of €40 net per month.
  • Time off: you are entitled to 29 vacation days per year when full-time employed.
  • Sabbatical: the option to take unpaid leave after consultation.
  • Birth leave: EY will pay 100% of the birth leave, in case of an additional birth leave EY will pay 70% of the salary.
  • Training and education: EY believes it's important for everyone to always have the opportunity to further develop yourself. We therefore offer you the opportunity to take part in various soft & hard skills training, external courses and/or sign up for an additional education. For example, obtaining an MBA to broaden your skills in Leadership, Business and Tech.
  • Mobility: Contribute directly to our ambition to reduce EY's carbon footprint to zero by 2025. With the new scheme you choose the most diverse sustainable options via the EY My Daily Travel app or online environment. Think of the use of lease bicycles, electric shared scooters, electric shared cars, flexible lease cars and various subscriptions for public transport. You can also view your CO2 footprint via the app.
  • Bicycle arrangement: finance the purchase cost of your new bicycle from your gross monthly salary (purchase cost amount divided over 12 months) or from your non-statutory holiday entitlement.
  • Pension scheme: you will build up a pension capital directly after your start at EY. Each month the available premium amount is transferred for you in an investment account at our pension provider. You will also have the option to build up additional pension capital on a voluntary basis.

For more information about our employment terms, visit our page .

Recruitment procedure


Due to laws and regulations, and because EY (and in some cases its clients) has high demands on the reliability and integrity of its employees, every new employee will be screened. Depending on your rank the pre-employment screening could contain the following: Certificate of Conduct (in Dutch: VOG) or - if requesting a Dutch VOG is not possible - Criminal Background Check of the country you are currently living or have lived during the last five years, integrity questionnaire, verification of ID, diploma’s and/or work experience and consultation of the Dutch insolvency registry.