Apply now »

Manager - Penetration Testing - Technology Consulting

Location:  Melbourne
Other locations:  Primary Location Only
Salary: Competitive
Date:  17 Mar 2024

Job description

Requisition ID:  1359203

 

 

 

If we inspire you to do the work you love, will you still call it work?  

 

At EY we believe that whoever you are, your uniqueness helps us stand apart.  

 

We bring together extraordinary people, like you, to build a better working world. 

 

What’s in it for you?  

 

Our EY Advanced Security Centre (ASC) is a well-established, dedicated and vibrant team that was created to help our clients protect the confidentiality, integrity, and availability of their information. Our vision is to build and bring the strongest, most diverse, and highly skilled team to the market. We strive to be the market leaders in security testing services, ready to tackle any challenge that comes our way.

 

  • Our Advanced Security Centre Managers help lead the Offensive Security practice, building exceptional careers for our team and solving our clients’ biggest challenges.  

  • Work with Tier-1 clients within Financial Services clients 

  • Ongoing support and training that will set you up for sucesss in EY 

 

Please note: The location of this role is Melbourne, Sydney or Brisbane.

 

The ASC Team provides the following services to our clients:

 

  • Web, Web services, mobile and thick client penetration testing

  • Internal/External network penetration testing

  • Red Team/Purple Team assessments

  • Social Engineering assessments

  • Application Security consulting and secure code review

  • Wireless assessments

  • Vulnerability assessments

  • Security configuration reviews

 

As an Advanced Security Centre Manager you are:

 

  • Aspiring to be part of the management team for one of Australia’s largest penetration testing teams.

  • Passionate about working with and building careers for the next generation of Offensive Security professionals.

  • Able to translate technical speak to non-technical stakeholders

  • Can demonstrate a high level of oral and written communication skill

  • Seeking to build and take your technical Offensive Security career to the next level.

  • Excited to work with some of Asia Pacific’s biggest clients.

  • Looking to work with a management team that has been consistently working together for more than 8 years.

  • Able to adapt to multiple different workflows with different clients.

 

What you’ll do

 

  • Leading, coaching and developing our people. You will be responsible for growing their careers and driving our inclusivity and diversity values across the team. 

  • Managing projects from multiple clients, responsibilities include, but not limited to:

    • Scoping the project and assigning time 

    • Preparing and ensuring the projects start executing on time

    • Be an escalation point to help testers for any project related issues

    • Perform peer review of project completion reports 

    • Attend close out meetings to answer technical questions clients may have

  • Work on and understand the underlying financials related to project work 

  • Be point of contact with clients for anything project or non-project related 

What we’re looking for 

 

Here is our ‘wish list’ but don’t worry if you don’t tick all the boxes. We’re interested in your passion, strengths, what you want to learn, and how far you want to go.  

 

  • Experience in managing and leading project teams of consultants assisting and advising clients with cyber security, information security and/or privacy challenges.

  • A track record of delivering quality outcomes for your clients

  • An understanding of managing teams and projects to budget and deadlines

  • Good technical knowledge, experience, and skills (offensive security)

 

Ideally, you'll also have

 

  • Experience managing a penetration testing team (preferably a large team).

  • Experience managing client stakeholders and expectations.

  • A methodical approach to attack and penetration testing (above running automated tools)

  • Experience in web and mobile application security testing and specialisation in one other domain would be favourable (thick application or internal/external network)

  • Demonstrable proficiency of at least 2 following security assessment methodologies:

    • Web, Web services, mobile and thick client penetration testing

    • Internal/External network penetration testing

    • Application Security consulting and secure code review

    • Wireless assessments

    • Social engineering/red team assessments

  • Demonstrable technical understanding of at least 2 of following domains:

    • Common web technologies and frameworks

    • Application architecture

    • Cloud computing

    • Networking and Network protocols

    • DevOps methodology and pipelines

  • Administration experience in any of the following:

    • Windows Active Directory Administration

    • Linux/Unix Administration

    • Database Administration

  • Knowledge of one or more scripting/programming languages (e.g. Python, Ruby, PHP, Java .NET, C, C#, etc)

  • Systems security skills in assessment, design, architecture, management, and reporting

  • At least 6 years of management experience in penetration testing activities

  • Relevant (or be willing to pursue) professional certifications such as OSCP, CRTP, SANS, CREST, CISSP etc.

 

What we can offer you 

 

 

Acknowledgement of Country 

 

EY acknowledges the Traditional Owners and Custodians of the lands on which EY offices are located around Australia. We pay our respects to their cultures, and to their Elders — past, present, and emerging. Find out more about our vision for reconciliation at www.ey.com/au/reconciliation 

 

Apply now… we’re over 9,000 perspectives in Australia and we’re ready to welcome yours.  

 
At EY we take inclusivity seriously, and we’re committed to removing barriers and improving the employment prospects of people with disability or long-term health conditions. We encourage you to share any support and adjustments you need to be your best and participate equitably in our recruitment process. We understand sharing your needs with us can be daunting, so if you have questions before or during your application, we welcome you to get in touch at contactrecruitment@au.ey.com or +61 3 8650 7788 (option 2). Anything you tell us will be kept completely confidential. 

 

The exceptional EY experience. It’s yours to build. 

 

The minimum salary for this role is AUD$100,000 inclusive of superannuation and dependent on skills and experience.  

 

 

EY | Building a better working world 

 

Our preferred applicant will be required to undertake employment screening by EY or our external third-party provider.

Apply now »