Senior Cybersecurity Consultant - Vulnerability ...

At EY, we're committed to shaping your future with confidence and empowering you in a globally connected environment enriched by diverse teams. Join us to advance your career while contributing to a better working world. You will have the chance to create a unique career with global scale, support, and an inclusive culture, which fosters continuous development and values diverse perspectives. With more than 150 countries represented at EY, our commitment to integrity, quality, and professionalism is paramount in providing audit, tax, transaction, and consulting services. The Opportunity We are looking for a seasoned Vulnerability Management (VM) Senior Consultant to enhance our team, engaging in the design, implementation, and management of our comprehensive vulnerability management services. The ideal candidate will exhibit expertise in vulnerability management tools and services, paired with experience in a dynamic cybersecurity environment. This role is crucial for delivering tailored solutions that enable clients to execute effective vulnerability management programs, fusing technical skills with an understanding of associated business risks. Your Key Responsibilities Build relationships by understanding the concerns, needs, and issues of stakeholders, fostering a supportive network within the organization. Track progress, manage potential risks, and keep stakeholders updated on developments and expected results. Stay informed on current business trends relevant to clients' operations and cybersecurity landscape. Support engagement teams in assessing client vulnerability management programs across people, processes, and technology. Collaborate on unique aspects of vulnerability management solutions designed for client environments. Conduct vulnerability assessments to identify weaknesses and appraise the effectiveness of existing safeguards. Support ongoing operations in vulnerability management, including tracking SLAs, managing backlogs, and validating remediation efforts. Drive continuous improvement by streamlining workflows, metrics, and automation in VM operations. Engage in operational governance, including service reviews and KPI monitoring. Skills and Attributes for Success Familiarity with security and risk standards such as ISO 27001-2, CIS, PCI DSS, NIST, ITIL, COBIT. Knowledge of various operating systems including Windows, Linux, and UNIX, both on-premises and cloud-based. Hands-on experience with tools like Qualys, Nexpose, and Wiz, including deployment and configuration. Competence in evaluating vulnerability management tools and supporting vendor selection processes. Ability to conduct root cause analyses of vulnerabilities and recommend feasible technical solutions. Proficient understanding of fundamental cybersecurity concepts, including privacy, incident response, and governance. Experience managing cybersecurity projects, including drafting project charters and status updates. Familiarity with scripting/programming (e.g., Python, PowerShell) and using Microsoft Excel or PowerBI for metrics. Awareness of contemporary security vulnerabilities and exploits, as well as web application vulnerabilities. Experience using EPSS, CVSS, CISA KEV, and threat intelligence to prioritize vulnerabilities. Strong grasp of CVE (Common Vulnerabilities and Exposures) and CWE (Common Weakness Enumerations) frameworks. Ability to curate metrics that cater to both executive and operational audiences, translating technical jargon into actionable insights. To qualify for the role, you must have A bachelor's degree with a minimum of 3 years of related experience or a graduate degree with 1-2 years of experience. Proven experience in vulnerability management with hands-on utilization of related tools. Consulting experience providing Vulnerability Management services across various industries. Excellent written and verbal communication skills capable of engaging senior management and technical experts. Capability to communicate effectively with business stakeholders in layman’s terms. A willingness to travel as needed for client engagements. A valid driver's license. Ideally, you'd also have Strong interpersonal skills to work collaboratively with clients and present innovative solutions. Analytical capacity for addressing issues both strategically and technically. Proven ability to influence decision-making across multiple projects. Prior consulting experience is advantageous. A cyber security certification (CISSP, CEH, GSEC) is a plus. What we look for We seek intellectually curious professionals driven by a passion for cybersecurity. Your knowledge of Vulnerability Management and innovative approach will greatly impact EY and the broader industry. If you possess confidence in technical and presentation skills, consider joining our team. What we offer you A comprehensive compensation and benefits package that rewards performance and recognizes your contributions. A flexible work environment, including a hybrid model, with a preference for in-person collaboration for 40-60% of the time. A flexible vacation policy allowing you to decide your vacation time based on personal circumstances, in addition to designated paid holidays and time off for various needs. Are you ready to shape your future with confidence? Apply today. At EY, we prioritize high ethical standards and integrity in our employees and expect candidates to demonstrate these qualities.

Created: 2026-03-05