Cybersecurity Penetration Tester
BELGIUM
Job description
The opportunity
In response to strong market demand, EY has ambitious plans to expand our already market leading Cybersecurity practice. We continue to build our Cybersecurity practice and are now looking for strong individuals with experience in attack and penetration testing, vulnerability assessments and red teaming. By joining us now you will be part of our exciting growth strategy where you will get the opportunity to develop it in line with your own interests.
Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills to identify potential threats and vulnerabilities in client IT environments. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.
We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment.
Your key responsibilities:
· Execute penetration testing assessments including identifying and exploiting security vulnerabilities in our clients” infrastructure using the established methodology, tools and rules of engagements.
· Perform intelligence gathering, vulnerability identification and analysis in a wide array of IT environments to identify vulnerabilities and potential attack paths resulting in privilege escalation and remote code execution vulnerabilities on client infrastructure.
· Perform in-depth analysis of penetration testing results and create a penetration testing report that describes findings, exploitation procedures, risks and recommendations.
· Conduct security research to devise new attack techniques.
· Stay current with the latest exploits and security trends.
· Develop custom software tools / scripts to assist in compromising IT infrastructure and applications.
· Ability to work both independently as well as lead a team of technical testers on penetration testing engagements.
· Provide technical leadership and advise to junior team members on attack and penetration test engagements.
· Convey complex technical security concepts to technical and non-technical audiences, including executives.
Profile:
· Fluent in either Dutch or French - Professional knowledge of English
· Bachelor's or Master’s degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering or a related major
· A minimum of 2 years of related work experience in penetration testing
· Experience may include IT infrastructure, web application, API, mobile applications, wireless, social engineering, cloud and Red Team assessments.
· Familiarity with the latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends.
· Knowledge of Windows, Linux, Unix, MacOS, Android, iOS and any other major operating systems.
· Deep understanding of TCP/IP network protocols
· Deep understanding and experience with various Active Directory attack techniques.
· Understanding of network security and popular attack vectors.
· Understanding of web-based application vulnerabilities (OWASP Top 10).
· Experience with manual attack and penetration testing.
· Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl, Ruby etc).
· Experience in using vulnerability scanning tools (e.g. Nessus, Sqlmap, nmap, Burpsuite Pro, ZAP, etc.)
· Any two of the following certifications: CEH, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, or similar.
What working at EY offers
· You join a dynamic, young team, exclusively focused on innovation, new products & services, and customer experience;
· We offer you an attractive remuneration package (competitive salary, net allowances and extensive fringe benefits: company car with fuel card, smart phone, health insurance, pension plan, etc).;
· We offer extensive trainings, both on technical matters, as well on soft skills and project management;
· We are proud of our flexible working arrangements, and we will support you to build a successful career and deliver excellent client service without sacrificing your personal priorities. While our client-facing profession might require regular travel, and at times working at client sites, we are committed to help you achieve a work-life balance;
· At EY we are passionate about the inclusion and support of individuals of all groups; we do not discriminate on the basis of race, religion, gender, sexual orientation, or disability status.