Apply on Employer Site

EY · 17 hours ago

Cyber SDC - Attack & Penetration - Senior - Consulting - Location OPEN

Denver, CO

Full-time

Hybrid

Mid, Senior Level

$78K/yr - $141K/yr

5+ years exp

EY is a global leader in assurance, consulting, tax, strategy, and transactions. As a Senior Consultant in Offensive Security, you will enhance clients' security through proactive threat assessments, lead penetration testing projects, and collaborate with teams to implement security measures throughout the software development lifecycle.

AccountingAdviceBusiness IntelligenceConsultingFinancial ServicesProfessional Services

Growth Opportunities

H1B Sponsor Likely

Responsibilities

Lead, scope, and execute penetration testing projects, including web applications (including black box, white box, and gray box assessments), networks, cloud environments, hardware, and firmware

Develop and execute red team and purple team scenarios to identify gaps in organizational security postures and provide actionable recommendations

Perform in-depth penetration testing results create comprehensive reports detailing findings, exploitation procedures, risks, and recommendations

Stay current with emerging security threats, vulnerabilities, and industry best practices, and promote continual learning within the team

Assist in configuring, handling, patching, and updating penetration testing software an supporting infrastructure to ensure optimal performance and security

Contribute to the creation and updating of operational metrics for client meetings, providing insights into tool performance and security findings

Qualification

Penetration testingOffensive security practicesAutomation toolsScripting languagesCloud environmentsManual attack testingAnalytical skillsEffective communicationProblem-solving skillsContinuous learningTeam collaboration

Required

Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field

A minimum of ten (10) years' experience performing penetration tests; or a minimum of five (5) years working in an electric utility in generation, or transmission & distribution performing penetration tests

Extensive experience with manual attack and penetration testing, including web applications, networks, and cloud environments

Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation of security tasks

Knowledge of Windows, Linux, Unix, and other major operating systems

Proven experience in penetration testing and offensive security practices, with a minimum of 5+ years of related work experience

Strong knowledge of automation tools and processes, particularly in the context of offensive security and application security

Excellent problem-solving skills and the ability to manage multiple security projects simultaneously

Effective communication skills to liaise with clients and internal stakeholders, translating complex technical concepts into understandable terms

Preferred

Certifications such as CCSP, CSSLP, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, CISSP, CISM, etc

Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, and open-source project involvement

Strong analytical skills with the ability to interpret complex information and communicate it effectively

Active interest in staying updated on the latest cybersecurity threats and trends, promoting continual learning and adaptation

Benefits

Medical and dental coverage

Pension and 401(k) plans

Paid time off options

Flexible vacation policy

Designated EY Paid Holidays

Winter/Summer breaks

Personal/Family Care

Other leaves of absence when needed to support your physical, financial, and emotional well-being

Company

EY

Glassdoor3.8

EY is building a better working world by creating new value for clients, people, society, the planet, while building trust in the capital markets.

Founded in 1989

London, England, GBR

10001+ employees

http://www.ey.com

H1B Sponsorship

EY has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (10242)

2024 (9877)

2023 (10966)

2022 (9394)

2021 (5652)

2020 (8849)