Cyber SDC - WAM Penetration Tester - Senior - Location ...

Overview Join to apply for the Cyber SDC - WAM Penetration Tester - Senior - Location OPEN role at EY. Location: Anywhere in Country At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Title Cybersecurity – Attack and Penetration Tester Practice Description Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime. The Opportunity Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. We will support you with career-long training and coaching to develop your skills. EY is a global leading service provider in this space, and you will be working with the best in a collaborative environment. Wherever you join or stay, the EY experience lasts a lifetime. Your Key Responsibilities Identify potential threats and vulnerabilities to operational environments as part of our Penetration Testing team. Conduct penetration testing, including web application, API, and Thick client testing; simulate physical breaches where appropriate. Plan, pursue, deliver and manage engagements to assess, improve, build, and, in some cases, operate integrated security operations for our clients. Research and discover the newest security vulnerabilities; participate in conferences and share knowledge with industry groups. Provide thought leadership and communicate findings through reports and appropriate channels. Skills and Attributes to Success Perform penetration testing including web, API, and Thick client testing. Ability to work independently and/or lead a technical testing team on engagements. Provide technical leadership and mentor junior team members. Identify and exploit security vulnerabilities across diverse systems. Analyze penetration testing results and produce comprehensive reports with findings and recommendations. Execute projects using established methodology, tools, and rules of engagement. Explain complex technical security concepts to technical and non-technical audiences, including executives. Qualifications To qualify for the role: a bachelor’s degree and at least 5+ years of related work experience; experience with manual attack and penetration testing; scripting/programming skills (e.g., Bash, Python, PowerShell, Java, JavaScript, etc.). Up-to-date familiarity with the latest exploits and security trends. Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEP, OSWE, GPEN, GWAPT, GMOB, GCPN, GXPN, and others listed in the original posting. Preferred/Ideal Bachelor’s in Computer Science, Cybersecurity, Information Systems, IT, Engineering, or related field; with 3+ years (or master’s with 2+ years) of related experience in penetration testing, including internet, intranet, web application tests, wireless, social engineering, and red team assessments. Contributions to the security community (research, CVE disclosures, bug bounty, open-source, publications). Understanding of web-based vulnerabilities (OWASP Top 10); strong analytical, problem-solving, and communication skills; team-oriented collaboration. What We Look For We seek intellectually curious individuals with a genuine passion for cybersecurity and a drive to contribute innovative ideas in attack and penetration testing. What We Offer Comprehensive compensation and benefits; salary ranges vary by location; Total Rewards includes medical/dental, pension and 401(k), and paid time off. Hybrid work model with a mix of in-person and remote work expectations. Flexible vacation policy and designated holidays; accommodations available for needs related to well-being. EEO and How to Apply EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis. EY is committed to reasonable accommodation for qualified individuals with disabilities. If you need assistance applying online or requesting an accommodation during any part of the application process, contact EY’s Talent Shared Services Team at . EY | Building a better working world Earned from data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for today’s issues and tomorrow’s challenges. EY operates in more than 150 countries and territories with services across assurance, consulting, tax, strategy and transactions. EY is an equal opportunity employer. #J-18808-Ljbffr

Created: 2025-09-17