Pen Tester, Manchester
Utilise some of the most innovative testing software tools and be part of the inception of a rapidly growing, elite Security team based in the North-West. If you're interested in working with an organisation that will reward an appetite for development by providing you with the time, training, and resources you need in order to grow your professional interests further, in a way that benefits you and not just the business, then we might be the place for you.
As a Security professional at EY, you will have the opportunity to work on some of the most captivating and demanding security projects in the UK. You will have the opportunity to continuously improve your testing toolset and have the flexibility to continue your own self-development.
Our team at EY is encouraged to contribute to the industry by way of whitepapers, presentations, thought leadership, and attendance at various security conferences. In return, we ask that you demonstrate a positive and professional attitude and a genuine appetite to learn and build great relationships with clients with their needs in mind.
Your key responsibilities
· Using a variety of network security testing tools and exploits to identify vulnerabilities and recommend corrective action
· Gather the test data not only from the output of the automated penetration tools but also from information gathered from earlier stages to identify vulnerabilities that the tools may not see
· Deliver high quality security assessments, according to pre-defined scope meeting the client expectations.
· Support the North-West Security Team by contributing towards technical collateral development, technical white papers, and research documents.
· Share knowledge with colleagues and assist with the mentoring of junior team members.
· Provide market and technical insight through the publication of blog / social media to assist in developing your own and EYs public profile.
Skills and attributes for success
We value not only your ability to undertake the role's technical aspects, but more importantly, your genuine passion for Security Testing.
· Open-minded analytical approach to performing security testing, considering manual and automated machine learning techniques
· Manual penetration testing and an understanding of IP Networking in a security context
· Flexibility to cross-skill and engage in other security domains such as Cyber Threat Management, Identity and Access Management, Cyber Transformation, Business Resilience and Data Loss Prevention and Privacy
· Excellent technical presentation and reporting skills, both written and verbal
· Ability to communicate detailed technical information to a non-technical audience clearly
· Self-motivated, able to work towards strict deadlines, prioritise workload and deliver under pressure to agreed timescales and deadlines
· Open to traveling to visit clients up to 70% of the time
To qualify for the role you must have
· Relevant penetration testing certifications such as:
o Council of Registered Ethical Security Testers (CREST), TIGER Scheme, or OSCP
o Cyber-security related status (CHECK CTM, or CTL)
o Recognised security testing certifications (GIAC, SANS)
· A degree in computer security, computer science, or equivalent
· Proficiency in performing both network and web application penetration testing manually
Ideally, you'll also have
· Programming skills and experience in one or more common web programming language i.e. ASP .NET, PHP, Python, Java, C#, etc.
· Experience with reverse engineering and malware analysis
· Exploit development or other-in depth vulnerability research experience
· Any other related skills and experience in Application, Operating System, Hardening, Database management etc.
What we look for Core consulting skills -
Advanced data & evidence management, client management on remediation programmes, driving innovation & continuous improvement Technical skills -
Strong technical insight, practical knowledge & capability in your specialist capability Versatility -
Proven ability to adapt and learn in an innovative environment What working at EY offers
We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus we offer:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that's right for you
EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.
As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Join us in building a better working world. Apply now.