Cyber SDC - WAM Penetration Tester - Senior - Location OPEN

Position Overview

Location: Anywhere in Country.At EY, we’re all in to shape your future with confidence. As a Cybersecurity – Attack and Penetration Tester, you will join an international team of cybersecurity specialists leading the implementation of security solutions for clients. With exclusive access to Advanced Security Centers and a globally connected powerhouse, you will address complex security challenges and contribute to business resilience. We provide career-long training, coaching, and a collaborative environment for your growth.

Key Responsibilities

• Perform penetration testing including web application, API, and thick client assessments.
• Work independently and lead a team on penetration testing and red team engagements.
• Provide technical leadership and mentor junior team members on attack and penetration test engagements.
• Identify and exploit security vulnerabilities across a wide array of systems.
• Conduct in-depth analysis of testing results and prepare comprehensive reports detailing findings, exploitation procedures, risks, and recommendations.
• Execute penetration testing projects using established methodologies, tools, and rules of engagement.
• Communicate complex technical security concepts to both technical and non-technical audiences, including executives.

Required Qualifications

• Bachelor's degree and at least 5+ years of related work experience.
• Experience with manual attack and penetration testing.
• Proficiency in scripting/programming (e.g., Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript, etc.).
• Up-to-date knowledge of the latest exploits and security trends.
• Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT.

Preferred Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with 3+ years of penetration testing experience, or a master's degree with at least 2+ years of related experience.
• Contributions to the security community through research, public CVE disclosures, bug bounty acknowledgments, open-source project involvement, blog posts, or publications.
• Understanding of web-based application vulnerabilities (OWASP Top 10).
• Strong analytical and problem-solving abilities.
• Excellent communication skills, both written and verbal.
• Ability to work collaboratively in a team environment.

Benefits & Perks

• Comprehensive compensation and benefits package with a base salary range between $72,500 to $140,900 (with higher ranges in select regions), along with medical/dental coverage, pension and 401(k) plans, and a variety of paid time off options.
• Hybrid working model with an expectation to work on-site 40-60% of the time during engagements.
• Flexible vacation policy, including time off for EY Paid Holidays, seasonal breaks, Personal/Family Care, and other leave options to support your well-being.