EY Manager - Penetration Testing Technology Consulting 
Australia, Victoria, Melbourne 
663906033

08.04.2024

We bring together extraordinary people, like you, to build a better working world.

Our EY Advanced Security Centre (ASC) is a well-established, dedicated and vibrant team that was created to help our clients protect the confidentiality, integrity, and availability of their information. Our vision is to build and bring the strongest, most diverse, and highly skilled team to the market. We strive to be the market leaders in security testing services, ready to tackle any challenge that comes our way.

  • Our Advanced Security Centre Managers help lead the Offensive Security practice, building exceptional careers for our team and solving our clients’ biggest challenges.

  • Work with Tier-1 clients within Financial Services

  • Ongoing support and training that will set you up for success in EY

The ASC Team provides the following services to our clients:

  • Web, Web services, mobile and thick client penetration testing

  • Internal/External network penetration testing

  • Red Team/Purple Team assessments

  • Social Engineering assessments

  • Application Security consulting and secure code review

  • Wireless assessments

  • Vulnerability assessments

  • Security configuration reviews

As an Advanced Security Centre Manager you are:

  • Aspiring to be part of the management team for one of Australia’s largest penetration testing teams.

  • Passionate about working with and building careers for the next generation of Offensive Security professionals.

  • Able to translate technical speak to non-technical stakeholders

  • Able to demonstrate a high level of oral and written communication skill

  • Seeking to build and take your technical Offensive Security career to the next level.

  • Excited to work with some of Asia Pacific’s biggest clients.

  • Looking to work with a management team that has been consistently working together for more than 8 years.

  • Able to adapt to multiple different workflows with different clients.

What you’ll do

  • Leading, coaching and developing our people. You will be responsible for growing their careers and driving our inclusivity and diversity values across the team.

  • Managing projects from multiple clients; responsibilities include, but are not limited to:

    • Scoping the project and assigning time

    • Preparing and ensuring the projects start executing on time

    • Be an escalation point to help testers with any project-related issues

    • Perform peer review of project completion reports

    • Attend close out meetings to answer technical questions clients may have

  • Work on and understand the underlying financials related to project work

  • Be point of contact with clients for anything project or non-project related

What we’re looking for

Here is our ‘wish list’ but don’t worry if you don’t tick all the boxes. We’re interested in your passion, strengths, what you want to learn, and how far you want to go.

  • Experience in managing and leading project teams of consultants assisting and advising clients with cyber security, information security and/or privacy challenges.

  • A track record of delivering quality outcomes for your clients

  • An understanding of managing teams and projects to budget and deadlines

  • Good technical knowledge, experience, and skills (offensive security)

Ideally, you'll also have

  • Experience managing a penetration testing team (preferably a large team).

  • Experience managing client stakeholders and expectations.

  • A methodical approach to attack and penetration testing (above running automated tools)

  • Experience in web and mobile application security testing and specialisation in one other domain would be favourable (thick application or internal/external network)

  • Demonstrable proficiency in at least 2 of the following security assessment methodologies:

    • Web, Web services, mobile and thick client penetration testing

    • Internal/External network penetration testing

    • Application Security consulting and secure code review

    • Wireless assessments

    • Social engineering/red team assessments

  • Demonstrable technical understanding of at least 2 of the following domains:

    • Common web technologies and frameworks

    • Application architecture

    • Cloud computing

    • Networking and Network protocols

    • DevOps methodology and pipelines

  • Administration experience in any of the following:

    • Windows Active Directory Administration

    • Linux/Unix Administration

    • Database Administration

  • Knowledge of one or more scripting/programming languages (e.g. Python, Ruby, PHP, Java, .NET, C, C#, etc.)

  • Systems security skills in assessment, design, architecture, management, and reporting

  • At least 6 years of management experience in penetration testing activities

  • Relevant (or be willing to pursue) professional certifications such as OSCP, CRTP, SANS, CREST, CISSP etc.

What we can offer you

  • Explore how a career at EY is yours to build at

  • Discover how, when and where you can work at

  • Learn about our commitment to DE&I at

  • Understand how our benefits can support you at

Apply now… we’re over 9,000 perspectives in Australia and we’re ready to welcome yours.


At EY we take inclusivity seriously, and we’re committed to removing barriers and improving the employment prospects of people with disability or long-term health conditions. We encourage you to share any support and adjustments you need to be your best and participate equitably in our recruitment process. We understand sharing your needs with us can be daunting, so if you have questions before or during your application, we welcome you to get in touch at or +61 3 8650 7788 (option 2). Anything you tell us will be kept completely confidential.

The minimum salary for this role is AUD$100,000 inclusive of superannuation and dependent on skills and experience.

Our preferred applicant will be required to undertake employment screening by EY or our external third-party provider.