Senior Cybersecurity Consultant - Offensive Security

At EY, we are dedicated to empowering your career journey with confidence. Join a dynamic team that drives innovation and works towards building a better and more secure working world. As a Senior Cybersecurity Consultant specializing in Offensive Security within our Service Delivery Center, you will play a vital role in enhancing our clients' security stance through proactive threat assessments and robust vulnerability management. The Opportunity In this essential position, you will lead penetration testing, red teaming, and comprehensive security evaluations for our clients. Collaborating with diverse teams, you'll identify security vulnerabilities, devise effective mitigation strategies, and ensure compliance with industry standards. Your expertise will be instrumental in automating security operations and bolstering our clients' security frameworks. Your Key Responsibilities Lead, scope, and execute thorough penetration testing initiatives across various environments, including web applications, cloud platforms, networks, and hardware. Design and execute red team and purple team exercises to detect vulnerabilities in organizational security and provide actionable recommendations. Document penetration testing findings comprehensively, including detailed reports that highlight risks and remediation strategies. Remain abreast of emerging security threats, vulnerabilities, and best practices, fostering a culture of continuous learning within the team. Contribute to the enhancement and upkeep of penetration testing tools and infrastructure to ensure optimal performance and security. Develop and present operational metrics for client meetings, delivering insights into security findings and the effectiveness of tools. Skills and Attributes for Success 5+ years of proven experience in penetration testing and offensive security. In-depth knowledge of automation tools and their application within offensive security. Strong problem-solving abilities and the capacity to manage multiple security projects simultaneously. Exceptional communication skills to simplify complex technical concepts for diverse audiences. To Qualify for the Role, You Must Have A Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. At least three years of experience in incident response or penetration testing, including one year within the electric utility sector for generation or transmission & distribution. Extensive hands-on penetration testing experience across web applications, networks, and cloud environments. Proficiency in scripting languages such as Python, Bash, or PowerShell for automation tasks. Familiarity with major operating systems including Windows, Linux, and Unix. Ideally, You Would Also Have Certifications like CCSP, CSSLP, OSCP, OSWP, GPEN, CISSP, or equivalent. Contributions to the security community through research, public CVE disclosures, or open-source projects. Solid analytical skills for interpreting complex information effectively. A keen interest in the latest cybersecurity trends, promoting continuous learning. What We Look For We seek enthusiastic individuals with a passion for cybersecurity and a dedication to protecting digital assets. We value adaptability, proactive thinking, and the ability to build high-performing teams. What We Offer Opportunities for continuous learning and skill enhancement. Flexible work environments that empower you to make a significant impact. Transformational leadership and coaching for career advancement. A respectful and inclusive culture where your contributions are valued. Are you prepared to elevate your cybersecurity career? Apply today and join us in forging a secure digital future. EY is committed to high ethical standards and integrity, expecting all candidates to uphold these values. EY is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.

Created: 2026-03-05