Cyber SDC - WAM Penetration Tester - Senior - Location ...

Join to apply for the Cyber SDC - WAM Penetration Tester - Senior - Location OPEN role at EYLocation: Anywhere in CountryAt EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Overview Title: Cybersecurity – Attack and Penetration Tester Practice Description: Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime. The Opportunity: Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. Responsibilities Identify potential threats and vulnerabilities to operational environments as part of the Penetration Testing team. Conduct penetration testing, including web applications, APIs, and thick client testing; simulate physical breaches where appropriate. Plan, pursue, deliver and manage engagements to assess, improve, build, and, in some cases, operate integrated security operations for clients. Provide technical leadership and advise junior team members on attack and penetration test engagements. Lead in delivering high-quality reports with findings, exploitation procedures, risks, and recommendations. Execute penetration testing projects using established methodologies, tools, and rules of engagement. Convey complex technical security concepts to technical and non-technical audiences, including executives. Qualifications To Qualify for the Role, You Must Have: A bachelor’s degree and at least 5+ years of related work experience Experience with manual attack and penetration testing Experience with scripting/programming skills (e.g., Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript, etc.) Updated familiarity with the latest exploits and security trends Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT Ideally, you’ll also have: A bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least 3+ years of related experience, or a master’s degree with at least 2+ years in penetration testing Contributions to the security community (research, public CVE disclosures, bug bounty acknowledgments, open-source involvement, publications) Understanding of web-based application vulnerabilities (OWASP Top 10) Strong analytical and problem-solving abilities Excellent communication skills, both written and verbal Ability to work collaboratively in a team environment What We Look For We’re interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we’ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us—but also to the industry as a whole. What We Offer You We offer a comprehensive compensation and benefits package with detailed salary ranges, medical and dental coverage, pension and 401(k) plans, and paid time off options. Hybrid model expectations: most client-serving roles to work in person 40-60% of the time over an engagement, project, or year. Flexible vacation policy and designated EY holidays, with options for personal/family care leaves to support well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications on an ongoing basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world. EY teams help clients shape the future with confidence and develop answers for today and tomorrow. EY is an equal opportunity employer and provides reasonable accommodation as needed during the application process. Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology; Industries: Professional Services #J-18808-Ljbffr

Created: 2025-09-17