Senior Consultant / AM - Technology Risk Ch2, Rapid

At EY, we’re all in to shape your future with confidence.

We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.​

Join EY and help to build a better working world.

The opportunity

To support the significant growth of our Technology Risk service in MENA, EY is looking to hire highly qualified resources. Specifically, as part of this job posting, we are looking for a Senior Consultant / Assistant Manager. Working across many different industries, this role will be responsible for executing and leading IT and cybersecurity projects. It is all about listening to our clients, asking the better questions, and supporting them in areas where there are no off-the-shelf solutions.

Your key responsibilities

A large part of the role will be engagement delivery and EY will expect the candidates to lead and deliver engagements with very minimal supervision. EY also expects the candidates to support executives in development of proposals, presentations and other business development activities. The candidate will be responsible for the delivery and quality of the final reports to EY's clients. 

An existing track record of successful engagement delivery in Technology Risk is expected of all candidates for this role. A Big 4 background or comparable consulting experience is highly advantageous. A broad background across IT and Cybersecurity is expected with specific experience in the following areas:

• Red-teaming and cyber-adversary simulations
• Purple Teaming; Phishing and social engineering
• Network infrastructure and cloud security assessment
• Web application security assessment
• Mobile application security assessment
• Wireless Assessment
• Conducting red/purple teaming exercises mapped to MITRE ATT&CK framework
• Experience in implementing and managing VM program and managed application security engagements for clients
• Extensive testing within Active Directory environments using various tools such as Empire, Metasploit, CrackMapexec, PowerView, Bloodhound and PowerSploit, Responder, Mimikatz etc.
• Network audit for both technical and design vulnerabilities
• Cloud penetration testing for Azure and AWS
• Web and mobile application testing for both technical and design vulnerabilities following OWASP methodology
• Cybersecurity readiness assessment and remediating the gaps/vulnerabilities.
• Creating minimum security baseline standards for network security devices, operating systems, databases, telecom devices
• Perform configuration audit for OS/DB and network devices based on CIS/NIST standards
• Exposure to SIEM, SOC monitoring, Compromise assessment Threat Hunting, Malware Analysis, etc.
• Exposure to tools like HELK, Detection Lab, Loki, Osquery, Sysmon, Sigma, YARA, Cuckoo Sandbox, etc.

Skills and attributes for success

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or in a related field.
• Relevant professional certifications Red Hat Linux, Offensive Security Certified Professional(OSCP), CCNA, CEH, ISO27001 are preferred.
• Minimum of 3 to 5 years of experience in IT audit, information security, or related fields.
• Strong knowledge of ITGC/ITAC, information security frameworks, and cybersecurity best practices.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and collaboratively within a team environment.

What we offer you

At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more.

Are you ready to shape your future with confidence? Apply today.

To help create an equitable and inclusive experience during the recruitment process, please inform us as soon as possible about any disability-related adjustments or accommodations you may need.

EY  |  Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.