Apply now »

Senior Consultant - Cybersecurity Penetration Tester - Sector Focus Industries

Location:  Diegem
Other locations:  Anywhere in Country
Salary: Competitive
Date:  9 May 2024

Job description

Requisition ID:  1498403

The Exceptional EY Experience. It's yours to build.

 

We are a team of 55+ Cybersecurity and Privacy professionals that helps organizations address the challenges on cybersecurity and privacy in a way that is in line with their business strategy.

We provide independent and impartial assistance in IT and business in industry and government organizations. Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills to support our clients and to growth their own career.

 

Our Belgian practice is part of an EMEIA and Global cyber competency that holds over 7.000 cyber experts. We are one of the 63 Advanced Security Centers globally.

 

The Opportunity: Your Next Adventure Awaits?

 

In response to strong market demand, EY has ambitious plans, and we continue to build our Cybersecurity practice by- looking for strong individuals with experience in attack and penetration testing, vulnerability assessments and red teaming. By joining us now, you will be part of our exciting growth strategy where you will get the opportunity to develop it in line with your own interests.

Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills to identify potential threats and vulnerabilities in client IT environments. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. 

We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

 

Our team is organized based on five core cyber capabilities that drive our go-to-market, i.e.

  • Cyber Strategy and Resilience: Evaluate and improve our clients’ cybersecurity and resiliency program in context of the business growth and operations strategies.
  • Offensive Security: Penetration testing and Red Teaming, identifying weaknesses in our clients’ IT and Technology environment.
  • Defensive Security: Blue Teaming. Handle security incidents with our clients, co-operating their Cyber Security Incident Response Team (CSIRT), working with Cyber Threat Intelligence and running our 24/7 Incident Response service.
  • Cloud Security: Build security in our clients’ cloud solutions with focus on Security Orchestration, Automation & Response (SOAR).
  • Digital Identify and Trust Services: Advise and certify Public Key Infrastructure (PKI) of Trust Service Providers (TSP) and Certificate Authorities (CA) in the context EU eIDAS regulation.

 

By joining us now you will be part of our exciting growth strategy where you will get the opportunity to shape your career it in line with your own interests and aspirations.

 

Your Key Responsibilities

 

  • Execute penetration testing assessments including identifying and exploiting security vulnerabilities in our clients” infrastructure using the established methodology, tools and rules of engagements.
  • Perform intelligence gathering, vulnerability identification and analysis in a wide array of IT environments to identify vulnerabilities and potential attack paths resulting in privilege escalation and remote code execution vulnerabilities on client infrastructure.
  • Perform in-depth analysis of penetration testing results and create a penetration testing report that describes findings, exploitation procedures, risks and recommendations.
  • Conduct security research to devise new attack techniques.
  • Stay current with the latest exploits and security trends.
  • Develop custom software tools / scripts to assist in compromising IT infrastructure and applications.
  • Ability to work both independently as well as lead a team of technical testers on penetration testing engagements.
  • Provide technical leadership and advise to junior team members on attack and penetration test engagements.
  • Convey complex technical security concepts to technical and non-technical audiences, including executives.

 

Your Profile

 

You have: 

  • Full working proficiency (native speaker) in either Dutch or French and English
  • a Bachelor's or Master’s degree in Computer Science, Cybersecurity Information Systems, Information Technology, Engineering or a related major
  • A minimum of 2 years of related work experience in penetration testing
  • Experience may include IT infrastructure, web application, API, mobile applications, wireless, social engineering, cloud and Red Team assessments.
  • Familiarity with the latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends.
  • Knowledge of Windows, Linux, Unix, MacOS, Android, iOS and any other major operating systems.
  • Deep understanding of TCP/IP network protocols
  • Deep understanding and experience with various Active Directory attack techniques.
  • Understanding of network security and popular attack vectors.
  • Understanding of web-based application vulnerabilities (OWASP Top 10).
  • Experience with manual attack and penetration testing.
  • Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl, Ruby etc).
  • Experience in using vulnerability scanning tools (e.g. Nessus, Sqlmap, nmap, Burpsuite Pro, ZAP, etc.)
  • Any two of the following certifications: CEH, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, or similar.
  • Execute penetration testing assessments including identifying and exploiting security vulnerabilities in our clients” infrastructure using the established methodology, tools and rules of engagements.
  • Perform intelligence gathering, vulnerability identification and analysis in a wide array of IT environments to identify vulnerabilities and potential attack paths resulting in privilege escalation and remote code execution vulnerabilities on client infrastructure.
  • Perform in-depth analysis of penetration testing results and create a penetration testing report that describes findings, exploitation procedures, risks and recommendations.
  • Conduct security research to devise new attack techniques.
  • Stay current with the latest exploits and security trends.
  • Develop custom software tools / scripts to assist in compromising IT infrastructure and applications.
  • Ability to work both independently as well as lead a team of technical testers on penetration testing engagements.
  • Provide technical leadership and advise to junior team members on attack and penetration test engagements.
  • Convey complex technical security concepts to technical and non-technical audiences, including executives.

 

 

What's In It For You

 

  • EY Family – you become part of the EY Family providing you with all the necessary skills, training and opportunities; enabling you to grow to your fullest potential.
  • Attractive remuneration package - We offer an attractive remuneration package; including a company car and charging card , iPhone plus subscription, health insurance, pension plan, meal vouchers, and eco vouchers.  Thanks to our flex plan it is possible to choose what you value most. 
  • Flexible working arrangements - We are proud of our flexible working arrangements. We will actively support you in building a successful career and delivering excellent client service without sacrificing your personal priorities. We offer flexible working hours and working from home multiple days per week is possible.
  • Inspiring work environment - At EY we are dedicated to providing you with an inspiring work environment. A work environment that allows you to further develop your skills and enables you to fulfill your true potential.
  • Learning & personal growth - You will benefit from an onboarding program, receive extensive training and will be coached by a counselor. We offer a clear career path tailored to your unique skills with necessary guidance.  
  • Fun - By joining our EY- teams, you can participate in team activities, and companywide events and enjoy a drink during our monthly after-work drink.
  • Sustainability - We have a fleet of hybrid and electric cars. Our flex plan makes it possible for you to choose the most sustainable option for you. You can also opt for a train subscription or lease a bike.
  • Diversity & Inclusion - At EY we are passionate about the inclusion and support of individuals of all groups; we do not discriminate on the basis of race, religion, gender, sexual orientation, or disability status.
  • Location - All of our offices are easily accessible by public transport and/or by car and have parking space. They all have parking spaces and charging stations are provided.
  • Best Workplace – You will be part of the 2023 number one rated Best Workplace (Great Place to Work).

Here at EY, you’ll have the chance to build a truly exceptional experience. We’ll empower you with the latest technology, surround you with high-performing teams, and provide the global scale and diverse and inclusive culture you need to discover your full potential. Through our coaching and training programs, you’ll develop the skillsets you need to stay relevant today and in the future – all while building a network of colleagues, mentors, and leaders who will be on the journey with you at EY and beyond

Apply now »