Cyber Threat Detection - Technical Analyst
Wrocław (Wrocław) Teaching
Job description
EY Global Delivery Services means 40.000 specialists providing IT, project management and strategic business services globally to EY member firms. In addition, we deliver support and solutions to clients from all over the world.
EY Technology:
Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day: everything from the laptops we use, to the ability to work remotely on our mobile devices and connect our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and are key to us being more innovative as an organization.
The opportunity
The Cyber Threat Detection – Penetration Tester role will be responsible for performing full-scope penetration tests (discovery and exploitation of vulnerabilities) on live network infrastructure, services, Active Directory environments, and other systems/applications. This role will work closely with Cyber Threat Intelligence, Incident Response, and Intrusion Detection analysts to define and tune rules and device security policies to meet mission requirements.
Skills and attributes for success
Essential Functions of the Job:
· Responsible for developing and simulating real-life cyber attacks to help EY improve its security posture.
· Test, identify and exploit trust, misconfigurations and vulnerabilities in live MS Active Directory environments and other systems/applications without getting detected by advanced commercial security solutions.
· Employ Microsoft Office tools: Word, Excel, PowerPoint and Visio to prepare plans, reports, diagrams, tables, briefings, etc. to present, demonstrate, explain and document operational impact of a particular vulnerability or the combination of many vulnerabilities and flaws.
· Develop proof-of-concept examples and scenarios for reports and live demonstrations, testing methodologies across the MITRE ATT&CK framework
· Develop scripts, tools, and proof-of-concept applications in multiple languages such as PowerShell, C++, C#, Python, and bash to enhance EY’s Red and Purple Teaming processes
· Create/document tactics, techniques and procedures (TTPs) to train and expand/share knowledge with team members.
· Promote computer security awareness through hacker demonstrations, working with Cyber-defenders, and presenting detailed security testing project debriefs.
· Provide the Cyber Defense team guidance on Cyber threat detection best practices, technical requirements and integration
· Develop and maintain expertise in a wide variety of technology platforms, threat vectors, and threat actors and communicate it to non-technical and technical personnel
· Leverage both manual techniques as well as automated tools in order to uncover and report security vulnerabilities that exist.
· Utilize Threat Modeling methodologies to identify threats and shape Red and Purple Team operations
· Provide support during investigations and hunt missions when required
To qualify for the role, you must have
· Must possess a high degree of intelligence, competence, maturity, adaptability, resilience, integrity and initiative
· This is a highly technical hands-on role that will utilize knowledge/experience in operating systems, system administration and creativity skills.
· Clear, logical and persuasive communication skills with an ability to work closely with executives and employees at all levels
· Excellent teaming skills with domestic and internationally located teams, and ability to build relationships with other organizational groups
· Extensive knowledge of the Windows and UNIX/Linux command line (e.g. Bash and PowerShell)
· Proficient knowledge of Active Directory and other authentication models
· High competency on IP networking technology, to include addressing, routing, common protocol usage, use of proxies, load balancers, firewalls, routers, and switches in network architecture. Ability to show analytical expertise, strict attention to detail, excellent critical thinking, logic, and solution orientation, and learn and adapt quickly
Experience:
· Minimum of 5 years of experience with penetration and vulnerability testing, web application assessments, social engineering, and other cyber-security consulting functions.
· Hands-on experience with common attack techniques such as network enumeration, privilege escalation, credential theft, command & control, and host exploitation.
· Prefer 3-5 years’ experience in at least 3 of the following areas:
· Developing, extending, or modifying exploits, shellcode or exploit tools
· Shell scripting or automation of simple tasks using Perl, Python, or Ruby
· Developing applications in C++, C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE)
· Reverse engineering malware, data obfuscators, or ciphers
· Preferred penetration testing experience with cloud, cloud identity (Azure AD & cloud native)
Supervising Responsibilities:
· This role will mentor more junior analysts and assist in onboarding new peers to the team. There will be no formal supervisory duties.
Qualifications, certifications and Education requirements:
· Bachelor’s degree in Computer Science, Cybersecurity, or equivalent work experience
Desired Certifications:
· Strong preference for candidates with an OSCP or OSCE certification
· Professional security certifications including OSCP, OSWP, GPEN, GWAPT, or AWAE
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Join us in building a better working world.
Apply now.