As a Security Professional at EY, you will have the opportunity to work on some of the most captivating and demanding security projects in the UK. Utilize some of the most innovative testing software tools and be part of the inception of a rapidly growing, elite Security Team based in the North West.
Within this role, you will have the possibility to continuously improve your testing toolset and have the flexibility to continue your own self-development alongside your role at EY.
We value not just your ability to undertake the technical aspects of the role, but more importantly, your genuine passion for Security Testing. If you’re interested in working with anorganisationthat will reward an appetite for development by providing you with the time, training and resources you need in order to grow your professional interests further, in a way that benefits you and not just the business, then we might be the place for you.
Our team at EY is encouraged to contribute to the industry by way of whitepapers, presentations, attendance at various security conferences, and thought leadership. In return we ask that you demonstrate a positive and professional attitude and a genuine appetite to learn and build great relationships with clients with their needs in mind.
If this sounds like you and you’re open to traveling to visit clients up to 70% of the time and you possess the following technical knowledge, then you might be the right person for us.
Your key responsibilities
· Flexibility to cross-skill and engage in other security domains such as Cyber Threat Management, Identity and Access Management, Cyber Transformation, Business Resilience and Data Loss Prevention and Privacy.
· Experience with using a variety of network security testing tools and exploits to identify vulnerabilities and recommend corrective action, as well as experience of manual penetration testing and an understanding of IP Networking in a security context.
· Gather the test data not only from the output of the automated penetration tools but also from information gathered from earlier stages to identify vulnerabilities that the tools may not see
· Deliver high quality security assessments, according to pre-defined scope meeting the client expectations.
· Support the North West Security Team by contributing towards technical collateral development, technical white papers and research documents.
· Share knowledge with colleagues and assist with the mentoring of junior team members.
· Provide market and technical insight through the publication of blog / social media to assist in developing your own and EYs public profile.
Skills and attributes for success
· Open-minded analytical approach to performing security testing, considering manual and automated machine learning techniques
· Excellent technical presentation and reporting skills, both written and verbal
· Ability to communicate detailed technical information to a non-technical audience clearly
· Self-motivated, able to work towards strict deadlines,prioritiseworkload and deliver under pressure to agreed timescales and deadlines
To qualify for the role you must have:
· Relevant penetration testing certifications such as:
· Council of Registered Ethical Security Testers (CREST), TIGER Scheme, or OSCP
· Cyber-security related status (CHECK CTM, or CTL)
· Recognised security testing certifications (GIAC, SANS)
· A degree in computer security, computer science or equivalent
· Proficient in performing both network and web application penetration testing manually
Ideally, you’ll also have
· Programming skills and experience in one or more common web programming language i.e. ASP .NET, PHP, Python, Java, C#, etc.
· Experience with reverse engineering and malware analysis
· Exploit development or other in depth vulnerability research experience
· Any other related skills and experience in Application, Operating System, Hardening, Database management etc.
Throughout the assessment process, we will look for strong evidence of:
Core consulting skills:
· Advanced data & evidence management, client management on remediation programmes, driving innovation & continuous improvement
· Strong technical insight, practical knowledge & capability in your specialist capability.
· Proven ability to adapt and learn in an innovative environment.
What working at EY offers
We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus we offer:
· Support, coaching and feedback from some of the most engaging colleagues around
· Opportunities to develop new skills and progress your career
· The freedom and flexibility to handle your role in a way that’s right for you
EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.
As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Join us in building a better working world.