EY Senior Consultant _ Cyber Security Penetration Test 

Vietnam, Hanoi 

424199743

Your key responsibilities

• Perform systematic and complete penetration tests on company's digital systems to identify vulnerabilities.
• Develop and implement testing methods and tools for security testing of applications, networks and systems.
• Conduct manual penetration tests of web applications, APIs, mobile applications, and network infrastructure.
• Conduct social engineering assessments, including spear phishing, physical security assessments, and desktop testing.
• Document the findings from the penetration tests and communicate them to the stakeholders.
• Develop and guide junior testers in the team for performing penetration tests proficiently.
• Work with network and application teams to understand the system and help them fix identified vulnerabilities.
• Perform vulnerability assessments as part of a risk-based security assessment program.
• Keep updated with the latest trends in cybersecurity, new vulnerabilities, and testing methodologies.
• Analyze, disassemble, and reverse engineer code to discern weaknesses for exploitation; document and discuss findings with various stakeholders.
• Assist in managing engagement by organising staffing, tracking fees and communicating issues;
• Supervise and coach juniorteam members;
• Manage and maintain strong client relationships;
• Contribute to the development of proposals,conductresearch & developmentactivities;
• Participate in business development initiatives,identifyand escalate potential business opportunities on existing engagements;

Skills and attributes for success

• Bachelor's Degree in Computer Science, Information Systems or a related field.
• A minimum of03years of experience in penetration testing or a similar role.
• Highly knowledgeable about various operating systems and databases.
• In-depth knowledge of networking protocols and web technologies.
• Previous experience with scripting and programming languages such as JavaScript, Python, Bash, or others is a plus.
• Strong understanding of vulnerability assessment and penetration testing methodologies.
• Excellent problem-solving and analytical skills.
• Exceptional communication skills; capable of conveying complex security topics in easy to understand language.
• High degree of professional integrity and strong ethical values.
• Good understanding ofcybersecuritysolutions and framework,enterprise architecture,IT/business functions and operations, industry trends;
• At least3years of experience in cybersecurity practices,in at least one of following domains: IT risk management, IT audit, security operation, security engineering,pentesting,etc;
• Having industry-recognized professtional certification e.g. CISSP, CISM, CRISC, ISO 27001 Implementor/Auditor,OSCP, OSCE, OSWE, CREST, or equivelant is a plus;
• Excellent interpersonal, written and verbal communication skillsin English and Vietnamese;
• Desire to work in consulting demonstrated by relevant course work;
• Demonstrated project management, teaming, organizational, analytical and problem-solving skills;
• Strong root-cause analysis experience and skills as well as the ability to identify strengths and weaknesses in a client’s processes and controls;
• Effective organization and time management skills with the ability to work under pressure and adhere to project deadlines;

What working at EY offers

• You will join a young, dynamic team, genuinely passionate about its work, within a leading global professional services firm;
• Opportunities to develop new skills and progress your career;
• Support, coaching and feedback from securityprofessionals;
• The freedom and flexibility to handle your role in a way that’s right for you;
• Acquire a fully accredited corporate MBA (EY Tech MBA) from Hult International Business School;