EY Manager - Forensics VAPT Riyadh 

Saudi Arabia, Riyadh Region, Riyadh 

891875803

As a Manager, you’ll build valued relationships with external clients and internal peers and develop a portfolio of projects by focusing on high value opportunities. You’ll lead presentations and proposals for complex projects or elements of highly complex projects and provide subject matter insight to bids and proposals. Drawing on your skills and experience, you’ll create innovative commercial insights for clients, adapt methods and practices to fit operational team and cultural needs, and contribute to thought leadership.As a Manager in the Resilience & Digital Trust team managing VAPT, you will lead and grow a specialized team responsible for delivering managed Vulnerability Assessment and Penetration Testing (VAPT) services. You will provide strategic advisory and technical expertise to strengthen clients' cybersecurity defenses, identify security weaknesses, and ensure alignment with regulatory and industry best practices.

You will manage multiple client engagements at an executive level, working with senior stakeholders to assess vulnerabilities, simulate real-world attacks, and develop remediation strategies. Your leadership will help organizations proactively identify and mitigate cyber risks, maintain compliance, and enhance their overall security posture.

Specifically, you will need to:

• Lead the delivery of end-to-end managed VAPT services, including network, application, cloud, OT/ICS, wireless, and mobile assessments.
• Oversee scoping, planning, and execution of penetration testing engagements while ensuring quality, consistency, and alignment with recognized frameworks (e.g., OWASP, MITRE ATT&CK, NIST, OSSTMM).
• Develop and maintain VAPT methodologies, testing frameworks, and reporting templates to ensure standardized service delivery.
• Identify security vulnerabilities and misconfigurations and provide clients with actionable risk-based recommendations and remediation plans.
• Manage vulnerability scanning tools and platforms and integrate findings into centralized dashboards for continuous monitoring and reporting.
• Ensure that all assessments are conducted in a safe, controlled manner and in accordance with agreed-upon rules of engagement and regulatory requirements.
• Present findings to technical and non-technical stakeholders, including executive leadership, and support remediation discussions and threat prioritization.
• Collaborate with incident response, threat intelligence, and governance teams to contextualize findings and strengthen overall cyber defense strategy.
• Mentor junior team members, conduct peer reviews, and support capability development across the VAPT team.

To qualify for the role, you must have

• Bsc. computer science or information technology or cyber security
• Certificates such as CISA, CISM, and CISSP, ISO 27001 is a plus
• Minimum of 10 years of hands-on experience in the digital forensics and incident response domain.
• Broad industry expertise and network, and with an establishes experience with a top tier firm
• Lead a team of professionals to combine diverse cross-border experience with local knowledge across a broad spectrum of industries
• Work effectively as a member of a worldwide network of professional advisors, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress
• Strong understanding of expectations of regulators and international organizations such as NCA, ISO, and NIST.

Ideally, you’ll also have

• Experience in cloud security testing (e.g., AWS, Azure, GCP environments).
• Familiarity with DevSecOps and secure SDLC principles.
• Experience conducting red teaming or adversary simulation exercises.
• Strong communication skills in both Arabic and English.
• Prior work experience in the Kingdom of Saudi Arabia (KSA), with understanding of local compliance requirements.
• Consulting background with a proven ability to engage C-level clients and deliver executive-level reports.

We offer a competitive compensation package where you’ll be rewarded based on performance and recognized for the value you bring to our business. Plus, we offer:

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.