Apply now »

Technology Consulting (CYBER) Penetration Tester - Mng/ Senior Mng

Location:  Dublin 2
Other locations:  Primary Location Only
Salary: Competitive
Date:  Jan 26, 2023

Job description

Requisition ID:  512427

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

 

 

EY’s Cyber Security practice is one of the fastest growing areas of the business with an immediate requirement for security consultants with a diverse range of skills and experience. As a leader on our Cyber team you will be providing advisory and technical leadership to help our clients improve their cyber security posture to respond to the dynamic Cyber Security threats. You will provide security domain expertise and utilise your business insight to work closely with our clients to advise, design, build, deploy and test pragmatic security solutions that will give real and tangible benefits and security enhancement.

 

The opportunity

 

You will be a lead member of a highly skilled and rapidly growing team of Technical Security specialists. Your role will consist of leading and supporting global penetration testing and offensive security teams and carrying out offsite and onsite penetration tests and vulnerability assessments against a wide range of systems and environments, in addition to advancing red teaming and DevSecOps capabilities. As a member of the team, you will have the opportunity to grow your career in leading the delivery of penetration testing and offensive security, with a significant opportunity for leadership experience and career progression.

 

Skills and Knowledge for this role include:

 

  • Ability to lead and support remote teams in performing complex penetration tests in a variety of environments, managing several teams across different client sites
  • Experience in delivering penetration test results to technical and non-technical colleagues and clients
  • A deep understanding of technical security requirements, and conducting research projects to maintain and grow knowledge within technology
  • Ability to independently perform technical responsibilities and deliver results to a high standard
  • An in-depth awareness and understanding of advancements in the penetration testing domain
  • Ability to collaborate with colleagues across other relevant teams to enhance service quality
  • Experience in maintaining compliance with regulations and standards in relation to executing penetration tests, in addition to audit requirements and exacting reporting formats
  • Ability to take on responsibility for penetration test projects and follow these through to completion including carrying out tests, issuing reports and providing recommendations
  • Experience in mentoring junior members of teams, you will need to grow on-shore and off-shore capabilities and support overall service improvement
  • Hands-on internal and external infrastructure and application penetration testing required
  • Exposure to a variety of security testing tools and a wide range of exploit techniques
  • Requirement to stay up-to-date on current security threats, trends and solutions
  • Strong demonstrated ability to take vulnerabilities and articulate the actual business risk along with excellent reporting writing and client presentation skills
  • Familiarity with Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), National Institute of Standards and Technology (NIST) Special Publications, Tigerscheme SST, and CESG Check
  • A consultative manner and customer facing skills with the ability to communicate with stakeholders at all levels and advise on best practices
  • An enquiring mind, the tenacity to overcome technical challenges, and an ability to approach problems from different perspectives

 

Experience and attributes for success

 

Experience:

 

  • 7-10+ years' experience working in a penetration testing role across various sectors
  • Experience in ‘Big 4’ or similar consultancy experience in the Irish market
  • Track record in supporting the delivery of a broad range of cyber security projects
  • Government, Utilities, Manufacturing, Financial Services and Pharma experience desirable
  • Leadership experience with a strong focus on mentorship
  • Onsite and Offsite Penetration Testing
  • Red teaming experience an advantage
  • Driven cyber security professional with a passion for information security
  • Strong analytical skills to solve technical issues and flexibility in handling multiple issues at once

 

Attributes:

 

  • Excellent communication and project management skills (verbal and written),
  • Excellent organisational and problem-solving skills in addition to strong attention to detail,
  • Experience in drafting proposals, bids and tender responses,
  • Excellent working knowledge of Microsoft PowerPoint, Word, Excel and online research tools,
  • Strong collaboration skills, ideally working with global and multi-functional teams.
  • Ability to prioritise and work to tight deadlines and manage own caseload.
  • The ability to learn quickly and to work well under pressure,
  • The ability to listen attentively and express complex issues concisely to clients
  • Show leadership and motivate teams, including project management of consultancy projects
  • Participate in implementation or deployment of new tools, processes and best-practices in order to improve knowledge sharing and to raise security level while promoting security awareness among team members

 

You will also have focussed on some of these areas in the past:

 

  • Application, Mobile, IoT, Cloud, Infrastructure and Network Security
  • Application developer background (common frameworks) and understand DevSecOps processes including VA, SAST, DAST, RASP, secure code design review
  • Understanding of CI/CD, container concepts, agile project management, deployment, automation and orchestration
  • Programming/scripting experience (Powershell, ASP, .NET, Python, Perl);
  • OT Security (knowledge of or certification in ISA/IEC 62443 an advantage)
  • Cloud Security (Azure AZ900, AZ500 and AWS Security an advantage)
  • Security Engineering or Architecture (SABSA an advantage)

 

To qualify for the role you must have

 

  • MSc degree in information security, computer science, computer engineering, information systems, cloud computing or related field of study
  • OSCP certified, OSCE also highly  desirable

 

Ideally, you’ll also have

 

  • CISSP or CISM (an advantage)
  • GPEN, GWAPT, GXPN, CEH, EC-Council LPT, CompTIA PenTest+ (desirable)

 

What working at EY offers

 

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

 

  • Support, coaching and feedback from some of the most engaging colleagues around
  • Opportunities to develop new skills and progress your career
  • The freedom and flexibility to handle your role in a way that’s right for you

About EY

 

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

 

Build your legacy with us

Apply now.

 

EY | Building a better working world

 

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

 

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

 

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.  

Apply now »