Expires soon Ernst & Young

EY | Senior Consultant | Penetration Tester | Karachi

  • Teaching

Job description

Senior Consultant/Penetration Tester

Job Description:

We are looking for a Senior Consultant/Penetration tester to join our fast-growing team. The ideal candidate thinks out of the box. The candidate collaborates to identify access and security gaps that can be fulfilled through cyber reconnaissance and/or preparation activities, leveraging all analytic techniques to penetrate targeted networks.


Successful applicants will be joining a team of industry experts who are driven by a strong wish to push the envelope as it relates to security research, innovation and providing our clients with simulated cyber-attacks of the type which they have not been previously exposed. In addition to involvement in day-to-day client activities, our team members are expected and must have the ability to proactively contribute to company research projects, including vulnerability research. 


We strive to maintain a positive working environment of highly skilled, confident, experienced security professionals who continuously learn from one another and develop together as one of the industries more formidable security assessment teams.


Required Skills

·  Ability to perform vulnerability assessments and penetration testing using manual testing techniques, scripts, commercial and open source tools.
·  Intimately familiar with networking fundamentals (all OSI layers).
·  Knowledge of web application, network and mobile application assessments/exploitation methodologies (OWASP, OSSTMM etc.).
·  Solid consulting skills will be a huge advantage.
·  Familiar with fundamentals of software exploitation on modern operating systems(Windows/Linux).
·  Current knowledge of common threats as they relate to specific industries.
·  A solid understanding of ethical hacking and ability to deliver project on time.
·  Scripting and programming experience is a value added (Python, C#, HTML or Java etc.).
·  Ability to explain findings to non-technical professionals.
·  Source code review for control flow and security flaws.
·  Able to work independently but also as part of a team.
·  Comfortable working in a fast-paced environment.


·  2 to 3+ years of direct penetration testing experience.
·  Experience with Windows/Linux based servers like Active Directory, FTP, SSH, and Webservers etc.).
·  Experience in a security consulting role.
·  Experience in performing network penetration testing.
·  Experience in performing application (web/mobile/api) security assessments (vulnerability assessment and penetration testing).
·  Experience in source code reviews for control flow and security flaws.



·  BS degree in Computer Science, Computer Engineering, Software Engineering, MIS, or related field would be preferred.
·  CEH, ECSA/LPT, CPTE, GPEN, or OSCP Certification.


Behavioral Aspects

·  Strong communication skills.
·  Strong problem solving skills.
·  Strong Interpersonal Skills.
·  Should be a team player.
·  Should have a Good background.

Make every future a success.
  • Job directory
  • Business directory