Manager - Forensics - VAPT - Riyadh

Successful organizations depend on their reputation for keeping promises, respecting laws and behaving ethically to maintain stakeholder trust. EY Forensic & Integrity Services professionals help organizations protect and restore enterprise and financial reputation. We assist companies and their legal counsel to investigate facts, resolve disputes and manage regulatory challenges. We put integrity at the heart of compliance programs to help better manage ethical and reputational risks.

Embracing integrity means doing what you say you will do, with unerring commitment. This can make it easier to attract and retain talented people and harness their skills to grow your business. A foundation built on integrity is critical because today’s talent values purpose-driven organizations. It can also help you develop stronger partnerships with suppliers and work more effectively with employees, investors, regulators and influencers. Our integrated approach ranges from enhancements in areas of perceived weakness or issues — including governance, controls, culture and data insights — to full organizational design and structural implementation.
 
The opportunity
 
As a Manager, you’ll build valued relationships with external clients and internal peers and develop a portfolio of projects by focusing on high value opportunities. You’ll lead presentations and proposals for complex projects or elements of highly complex projects and provide subject matter insight to bids and proposals. Drawing on your skills and experience, you’ll create innovative commercial insights for clients, adapt methods and practices to fit operational team and cultural needs, and contribute to thought leadership.
 
Your key responsibilities
 
As a Manager in the Resilience & Digital Trust team managing VAPT, you will lead and grow a specialized team responsible for delivering managed Vulnerability Assessment and Penetration Testing (VAPT) services. You will provide strategic advisory and technical expertise to strengthen clients' cybersecurity defenses, identify security weaknesses, and ensure alignment with regulatory and industry best practices.

You will manage multiple client engagements at an executive level, working with senior stakeholders to assess vulnerabilities, simulate real-world attacks, and develop remediation strategies. Your leadership will help organizations proactively identify and mitigate cyber risks, maintain compliance, and enhance their overall security posture.

Specifically, you will need to:

• Lead the delivery of end-to-end managed VAPT services, including network, application, cloud, OT/ICS, wireless, and mobile assessments.
• Oversee scoping, planning, and execution of penetration testing engagements while ensuring quality, consistency, and alignment with recognized frameworks (e.g., OWASP, MITRE ATT&CK, NIST, OSSTMM).
• Develop and maintain VAPT methodologies, testing frameworks, and reporting templates to ensure standardized service delivery.
• Identify security vulnerabilities and misconfigurations and provide clients with actionable risk-based recommendations and remediation plans.
• Manage vulnerability scanning tools and platforms and integrate findings into centralized dashboards for continuous monitoring and reporting.
• Ensure that all assessments are conducted in a safe, controlled manner and in accordance with agreed-upon rules of engagement and regulatory requirements.
• Present findings to technical and non-technical stakeholders, including executive leadership, and support remediation discussions and threat prioritization.
• Collaborate with incident response, threat intelligence, and governance teams to contextualize findings and strengthen overall cyber defense strategy.
• Mentor junior team members, conduct peer reviews, and support capability development across the VAPT team.

To qualify for the role, you must have

• Bsc. computer science or information technology or cyber security
• Certificates such as CISA, CISM, and CISSP, ISO 27001 is a plus
• Minimum of 10 years of hands-on experience in the digital forensics and incident response domain.
• Broad industry expertise and network, and with an establishes experience with a top tier firm
• Lead a team of professionals to combine diverse cross-border experience with local knowledge across a broad spectrum of industries
• Work effectively as a member of a worldwide network of professional advisors, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress
• Strong understanding of expectations of regulators and international organizations such as NCA, ISO, and NIST.

　
Ideally, you’ll also have
 

• Experience in cloud security testing (e.g., AWS, Azure, GCP environments).
• Familiarity with DevSecOps and secure SDLC principles.
• Experience conducting red teaming or adversary simulation exercises.
• Strong communication skills in both Arabic and English.
• Prior work experience in the Kingdom of Saudi Arabia (KSA), with understanding of local compliance requirements.
• Consulting background with a proven ability to engage C-level clients and deliver executive-level reports.　

 
What we look for
 
We are interested in entrepreneurs who have the confidence to develop and promote a brand-new strategic vision both internally and externally. You will be business savvy with a passion for innovation as well as the motivation to create your own EY journey.
 
What we offer
 
We offer a competitive compensation package where you’ll be rewarded based on performance and recognized for the value you bring to our business. Plus, we offer:
 

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

 
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

The exceptional EY experience. It’s yours to build.

EY | Building a better working world
 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.