Consultants - Offensive Security - Advanced (Sydney)

At EY we believe that whoever you are, your uniqueness helps us stand apart. We bring together extraordinary people, like you, to build a better working world.

What’s in it for you? Our EY Advanced Security Centre (ASC) is a well-established, dedicated and vibrant offensive security team. Our vision is to build and bring the strongest, most diverse and highly skilled team to the market. We strive to be the market leaders in security testing services, ready to tackle any challenge that comes our way.

We are looking for people looking to kick‑start their career in offensive security or people looking to tackle some of the biggest challenges our clients are facing in the market.

The ASC provides the following services to our clients:

- Web, Web services, mobile and thick client penetration testing

- Internal/External network penetration testing

- Red Team/Purple Team assessments

- Social Engineering assessments

- Application Security Consulting and Secure Code Review

- Cloud security assessments

- Wireless assessments

- Security configuration reviews

What we’re looking for Here’s our ‘wish list’ but don’t worry if you don’t tick all the boxes. We’re interested in your strengths, what you want to learn, and how far you want to go.

- For Consultants with less than 3 years’ experience, show us what you already know, how you’ve been learning — show us that you will continue to develop on the job!

- Strong project management and interpersonal skills.

- A commitment to build and grow your technical cybersecurity career to the next level.

- Demonstrable proficiency of at least 2 of the following security assessment methodologies:

- Web, Web services, mobile and thick client penetration testing

- Internal/External network penetration testing

- Application Security consulting and secure code review

- Wireless assessments

- Social engineering/red team assessments

- Demonstrable technical understanding or certifications of at least 2 of the following domains:

- Common web technologies and frameworks

- Application architecture

- Cloud experience

- Networking and Network protocolsDevOps methodology and pipelines

- Relevant (or be willing and able to pursue) qualified certifications such as OSCP, SANS, CREST, PJPT, PNPT, PWPT, PJWT, CPTS, etc.

Our roles can be adjusted to work flexibly with the potential of reduced hours to balance your time between the home and office. Please speak with us about potential options.

What we can offer you - We offer a competitive salary which is open to negotiation pending on skills and experience.

Our preferred applicant will be required to undertake employment screening by EY or our external third-party provider.

#J-18808-Ljbffr