GDS Consulting | Cyber Security - Senior Penetration Tester

At EY youll have the chance to build a career as unique as you are with the global scale support inclusive culture and technology to become the best version of you. And were counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself and a better working world for all.

Attack & Penetration Testing - Senior

As part of our Cyber Security team you shall perform penetration testing which includes internet intranet wireless web application social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings exploitation procedures risks and recommendations.

The opportunity

Were looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering.

Your key responsibilities

Lead engagements from kickoff with clients through scoping engagements penetration testing and reporting while adhering to the agreed scope and deadlines.
Perform penetration testing which includes Network web application Mobile app (both Android & iOS) APIs Cloud Security Thick Client application wireless social engineering physical penetration testing.
Execute penetration testing projects using the established methodology tools and rules of engagements.
Execute red team assessments to highlight gaps impacting organizations security postures.
Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
Perform in-depth analysis of penetration testing results and create report that describes findings exploitation procedures risks and recommendations.
Convey complex technical security concepts to technical and non-technical audiences including executives.
Perform technical quality reviews and conduct technical conversations directly with clients.
Keep uptodate with the latest techniques and concepts.
Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams
Utilize tools such as BurpSuite Nessus Nmap Kali Linux and Nessus for effective vulnerability assessment and penetration testing.
Understanding and experience with Active Directory attacks.
Stay up-to-date with the latest security threats vulnerabilities and best practices in vulnerability management. Knowledge of AI in Pentest TCP/IP OSI Layer IPv4 & IPv6 Network Protocols and Wireless Communication skills preferred.
Working knowledge with any scripting languages (e.g. Python Perl PHP Ruby) to develop automated solutions that mitigate risks throughout the organization.
Support SDLC and agile environments with application security testing and source code reviews.
Serve as a mentor and guide to junior pen testers sharing your knowledge skills and best practices to nurture their growth and development.
Provide technical expertise and guidance to clients on remediation strategies and security best practices.

Skills and attributes for success

In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments
Good to have knowledge in AI in pentest
Understanding of TCP/IP network protocols.
Understanding of network security and popular attacks vectors.
Experience with Operation Technology / Internet of Things Cloud technologies (AWS Azure GCP) Active Directory and 802.1x penetration testing
Strong understanding of security principles policies and industry best practices
Proven ability to lead client engagements build strong client relationships and deliver exceptional results.
Excellent communication and presentation skills both written and verbal.
Demonstrated thought leadership in the cybersecurity field through publications speaking engagements or contributions to industry forums.
Exceptional problem-solving skills strategic thinking and the ability to influence and lead.

To qualify for the role you must have

BE/ MCA or equivalent
Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network web application Mobile app (Android & iOS) Thick client APIs wireless social engineering physical and Red Team assessments.
One of the following certifications: OSCP OSCE OSEP OSWE CREST CRTE eCPTX or eWPTX
Knowledge of Windows Linux UNIX any other major operating systems.
3-9 years of work experience in Strategy and Operations projects
Team management skills are preferred.
Conduct technical discussions and perform technical Quality reviews.
Familiarity with OWASP methodologies and application security vulnerabilities.
Exceptional ability to educate and guide application developers in security best practices.
Excellent communication presentation and interpersonal skills.
Strong Word Excel and PowerPoint skills.

Ideally youll also have

Project management skills
Certifications: OSCP OSCE CRTP CRTO CISSP GPEN GWAPT.

What we look for

Who can perform penetration testing which includes internet intranet wireless web application social engineering and physical penetration testing and provide analysis for the testing results.

What working at EY offers

At EY were dedicated to helping our clients from startups to Fortune 500 companies and the work we do with them is as varied as they are.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus we offer:

Support coaching and feedback from some of the most engaging colleagues around
Opportunities to develop new skills and progress your career
The freedom and flexibility to handle your role in a way thats right for you

About EY

As a global leader in Assurance Tax Strategy & transactions and Consulting services were using the finance products expertise and systems weve developed to build a better working world. That starts with a culture that believes in giving you the training opportunities and creative freedom to make things better. Whenever you join however long you stay the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people well make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above please contact us as soon as possible.

Join us in building a better working world.
Apply now

EY Building a better working world

EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.