Junior Penetration Tester

Location: Nicosia

Other locations: Anywhere in Country

Date: Apr 29, 2024

Requisition ID: 1502029

Junior Penetration Tester

At EY Consulting Service Line, we support you in achieving your unique potential both personally and professionally. We give you stretching and rewarding experiences that keep you motivated, working in an atmosphere of integrity and teaming. And while we encourage you to take personal responsibility for your career, we support you in your professional development in every way we can.

The opportunity

Our EY Consulting ambition is to become the world’s leading transformation consultants, trusted to help our clients generate long-term value. We’re building world-class capabilities in business, technology and people consulting to help us deliver on EY’s purpose of building a better working world — our firm’s broader ambition to become the world’s most trusted, distinctive professional services organization.

Our clients are at the heart of our new strategy. We’re focused on solving the key issues of our client buyers, building deeper relationships, and making a greater impact. We’re introducing a new go-to-market narrative — Transformation Realized™ — to help us harness the core drivers of transformation that will create long-term value for our clients.

To achieve this, we are seeking a Junior Penetration Tester to join our growing Cybersecurity practice. Our team is part of EY’s Central, Eastern and Southeastern Europe & Central Asia (CESA) cluster, delivering market leading services to organizations across industries in Cyprus and internationally.

The transformation imperative is urgent, challenging and opportunity-rich, interested to join us?

Your Key Responsibilities

This role focuses on various technical areas such as penetration testing (external and internal infrastructures, web applications, and mobile applications), architecture and configuration review, source code review, social engineering exercises (phishing, vishing, and physical access attacks), attack simulation exercises, and cloud and on-premises infrastructure assessments.

Your main responsibilities will be:

Perform penetration tests on various platforms and technologies, such as external and internal infrastructures, web applications, and mobile applications, to identify security weaknesses and misconfigurations.
Perform social engineering assessments (email phishing, vishing, physical access attacks) to simulate the theft of passwords, infiltrate systems, and download malware / ransomware to assess the security awareness and physical security controls of Organizations.
Perform source code review to identify software vulnerabilities and detect malware or malicious embedded code.
Perform cloud, server, network, and middleware security configuration assessments.
Perform architecture reviews for cloud and on-premises IT environments.
Collaborate with a team of cyber security specialists to maintain, develop, and update security testing methodologies.
Prepare reports on identified security vulnerabilities and provide recommendations based on security best practices and standards, to remediate the identified vulnerabilities.
Keep up to date with the latest penetration testing techniques and the current threat landscape.
Maintain knowledge about current security standards, systems, and authentication protocols.
Provide awareness to clients’ staff about potential threats and cyber security best practices.

To qualify for the role, you should have:

A BSc. degree in Computer Science, Cyber Security, Information Technology, or a related field.
A MSc. degree in Information Security, Cyber Security or a related field will be considered an advantage.
Possession of a professional qualification such as: eJPT, eWPT, or other relevant qualification will be considered an advantage.
Experience with at least one scripting language (e.g., Bash, PowerShell) and / or programming language (e.g., Python, C, C#, C++, Java, etc.) is preferred.
Able to understand basic networking concepts and Internet protocols (e.g., routing, TCP/IP, HTTP(S), SMTP, DNS, SSL/TLS, etc.).
Understanding of industry recognized security testing standards and penetration testing methodology.
Be able to conduct research and development and solve technical problems independently.
Ability to work in a collaborative environment.

Skills and attributes for success

Strong analytical and problem-solving skills.
Strong drive to excel professionally, and to guide and motivate others.
Advanced written and verbal communication skills in English.
Dedicated, innovative, resourceful, analytical, and able to work under pressure.
Foster an efficient, innovative, and team-oriented work environment.

What working at EY Offers

EY offers an attractive remuneration package for rewarding both personal and team performance. We are committed to be an inclusive employer and are happy to consider flexible working arrangements. In addition, but not limited to our benefits include:

13th salary
Provident Fund
Private Medical and Life Insurance
Flexible working arrangements (hybrid work and flexible work schedule)
Friday afternoon off
EY Tech MBA and EY MSc in Business Analytics
EY Badges - digital learning certificates
Mobility programs (if interested to work abroad)
Paid Sick Leave
Paid Paternity Leave
Yearly wellbeing days off
Maternity, Wedding, and New Baby Gifts
EY Employee Assistance Program (EAP) (counselling, legal and financial consultation services)

About EY

EY | Building a better working world.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

#betterworkingworld

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

The exceptional EY experience. It’s yours to build.

Apply Now.

Provider	Description	Enabled
AddThis	Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Cookie Information Privacy Policy Terms and Conditions
LinkedIn	LinkedIn is an employment-oriented social networking service. We use the Apply with LinkedIn feature to allow you to apply for jobs using your LinkedIn profile. Opting out of LinkedIn cookies will disable your ability to use Apply with LinkedIn. Cookie Policy Cookie Table Privacy Policy Terms and Conditions
Google Analytics	Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Cookie Information Privacy Policy Terms and Conditions
Google Tag Manager	Google Tag Manager is a tag management system for conversion tracking, site analytics, remarketing, and more. Privacy Policy Terms and Conditions

Junior Penetration Tester

Job description