Senior Pentester - EY GDS Spain - Hybrid

Senior Penetration Tester / Red Team Consultant – EY GDS Spain - Hybrid

The opportunity

As a Senior Penetration Tester / Red Team Consultant, you are part of the EY Cyber Security team delivering offensive security services that help clients validate and improve their security posture. You execute structured penetration tests and (where applicable) threat-led adversary simulations across applications, infrastructure, and cloud/hybrid environments, translating technical findings into clear, actionable risk reduction.

As a member of our team in the EY GDS Spain office in Malaga, you’ll have a chance to extend your knowledge & experience by working on interesting projects with the newest technologies and approaches. You’ll support clients in choosing the most suitable business solution and take part in digital transformation.

Your key responsibilities

· Plan and execute penetration tests (internal/external), including web applications/APIs,
network/infrastructure, and cloud environments

· Define scope, rules of engagement, and test strategy with stakeholders; ensure safe execution and minimal
operational impact

· Perform security testing using a balanced approach of manual techniques and validated tooling; document
evidence and reproduce findings reliably

· Deliver high-quality reporting (executive summary, technical details, risk rating, remediation guidance);
support retesting and closure

· Conduct (or support) red team / purple team exercises where applicable, aligning scenarios to business risks
and adversary techniques

· Collaborate with defensive teams (SOC/Blue Team/IR) while ensuring appropriate separation and
independence of offensive and defensive activities

· Contribute to continuous improvement: refine methodologies, reusable playbooks/checklists, and
knowledge sharing

Skills and attributes for success

· Strong understanding of common attack paths and security weaknesses across web, infrastructure, identity, and cloud

· Structured and disciplined working style (documentation, evidence handling, clear communication, and quality focus)

· Ability to translate technical findings into business-relevant risk language and actionable remediation steps

· Client-facing mindset with strong stakeholder management and a proactive, ownership-driven attitude

To qualify for the role, you must have

· 3 - 4 years of hands-on experience in penetration testing and/or red teaming with proven delivery of professional reports

· Solid knowledge of testing methodologies (e.g., OWASP for web/API testing; structured engagement planning and execution)

· Hands-on experience with common offensive security tooling (e.g., Burp Suite, Nmap, scripting for automation/validation)

· Strong understanding of Windows/Linux and networking fundamentals; comfortable with troubleshooting and evidence capture

· English at least B2 - C1 (written and spoken) is required

Ideally, you’ll also have

· Relevant certifications (e.g., OSCP/OSWE/GPEN/PNPT or comparable) are a plus

· Experience with specialized testing domains such as cloud pentesting, mobile, thick client, wireless, or social
engineering (depending on engagement model)

· Experience with threat-led red teaming and purple teaming approaches (where applicable)

· German B2

What we look for

We look for ethical attackers who combine technical depth with maturity and discipline—clear scoping, clean
execution, and crisp communication. You care about impact: delivering findings that teams can fix and running
engagements that measurably improve resilience.

What we offer

In EY GDS Spain, we’re committed to fostering a vibrant environment where every team member can thrive. We
provide a space for continuous learning and the flexibility to define your own success, empowering you to make a
meaningful impact in your own way. Our diverse and inclusive culture values who you are and encourages you to
help others find their voice.

Additionally, here’s what makes us stand out:

· Empowering Career Development: Unlock your potential with tailored training and development
programs designed to elevate your skills and propel your career forward. We invest in your growth
because your success is our success.

· Flexible Work-Life Integration: Enjoy the freedom of our hybrid work model, allowing you to blend
professional responsibilities with personal passions. We understand that life is more than just work, and
we support you in achieving that balance.

· Comprehensive Well-Being Programs: Prioritize your health with our extensive wellness initiatives,
including psychological support sessions and health resources. At EY GDS Spain, your well-being is at the
heart of what we do.

· Meaningful Volunteering Opportunities: Make a difference in your community through our engaging
volunteering programs. Join us in giving back and creating a positive impact while building connections
with like-minded colleagues.

· Recognized Performance and Rewards: Celebrate your achievements with our recognition programs
that honor both individual and team successes. We believe in acknowledging hard work and dedication,
ensuring you feel valued every step of the way.

Join us at EY GDS Spain, where your journey is supported, your contributions are celebrated, and your future is
bright.

To learn more about what we offer, visit our Careers in Global Delivery Services | EY - Global

About EY GDS

EY Global Delivery Services (EY GDS) is a dynamic and truly global delivery network of over 75,000 people
working across the world, to provide innovative and strategic business solutions to our clients worldwide. We
play a vital role in growth strategy, helping our clients become agile and efficient, and helping fulfill our purpose
to build a better working world.

From accountants to coders, we offer a wide variety of fulfilling career opportunities that span all business
disciplines. We look for skills that are evergreen and our roles evolve with industry trends. We also work across
Finance, Business Development, Technology, Talent, Procurement and Risk Management functions to help our
teams operate as efficiently and effectively as possible.

Across our 10 locations and 21 cities, we work with teams from all service lines, geographies, and sectors. We
operate in Argentina, Hungary, India, the Philippines, Poland, Sri Lanka, Mexico, Spain and the United Kingdom.
Our EY GDS Spain office is located at Malaga Technology Park and currently employs over 1000 people.

If you are interested in being part of our team, we kindly invite you to submit your CV in English to apply for
this position.

The exceptional EY GDS experience. It’s yours to build.