EY Consulting - Technology Cyber 

China, Hong Kong, Hong Kong Island 

21235897

Cyber threats, emerging technologies, cloud adoption, digital disruption, and changing

ideas, techand nologies and explore new challenges.

Your key responsibilities

• Lead a team to perform vulnerability scanning and penetration testing of web applications, mobile

applications (Android and iOS), web services, API, network, thick client etc.

• Prepare and review testing reports and findings tracker sheets based on the provided template

• Lead a team to perform intelligence-led cyber attack simulation and run red teaming operations

• Communicate with customer stakeholders to explain and demonstrate vulnerabilities, and govern the mitigation of the identified vulnerabilities

• Research the latest security best practices and stay abreast of new threats and

• Coach / mentor junior team members on VSPT and read teaming related knowledge and skills

• Participate in a fast-paced delivery in challenging projects of other cyber security

• Involve in customer relationship management, project management and team

• Candidates with less experience will be considered as Senior Associate

Requirements:

To qualify for the role you must have:

• College degree or equivalent with minimum 5 years' related experience in penetration testing

• Mandatory Certification - any one of OSCP, CREST, GPXN, GPEN or equivalent

• Proven skills and knowledge in penetration testing and red teaming experiences and strong track records of projects delivered

• Good experience in using VSPT and red teaming tools (e.g. Nessus, AppScan, Accunetix, Burpsuite Pro, WebInspect, etc.) and Risk Rating Standards like DREAD, CVSS etc.

• Proficiency in written and oral English communication skills. Cantonese is an advantage

• Experience in static and dynamic secure code review will be an advantage

• Experience in application security architecture and assessment will be an advantage

• Experience in threat intelligence and threat modeling will be an advantage

• Exposures to working with industry leading organizations

• Opportunities to develop new skills by working together with leading professionals in penetration testing and red teaming fields

• The freedom and flexibility to handle your role in a way that’s right for you

• Support, coaching and feedback from some of the most engaging colleagues around

As a global leader in assurance, tax, strategy and transactions and consulting services, we’re using the finance products, knowledge and systems we’ve developed to build a better

working world. That starts with a culture that believes in giving you the training,

opportunities and creative freedom to make things better. Whenever you join, however