At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

SKILLS AND ATTRIBUTES FOR SUCCESS

• Communication – Demonstrate that you listen and understand before responding
• Knowledgeable – Demonstrate deep technical capabilities and understanding of the client’s problems.
• Curiosity – Be proactive, learn fast and seek to identify issues that others might miss.
• Integrity – Conduct yourself as per EY’s values, and do not be afraid to admit mistakes.
• Impact – Consistently deliver exceptional quality work that positively impacts the projects that you are on.
• Teamwork – You seek to ensure that the team succeeds, rather than only yourself.

YOUR KEY RESPONSIBILITIES

You will be part of the Cybersecurity Attack & Penetration team at EY Singapore. This team provides technical cyber assessments that aim to assist clients gain insight and context to their cyber threats, and provide pragmatic recommendations to mitigate these threats. As a penetration tester in the Attack & Penetration team, your responsibilities include:

• Perform cybersecurity threat modelling
• Perform web application penetration testing
• Perform mobile application penetration testing
• Perform IT and OT network penetration testing
• Perform IOT penetration testing,
• Perform source code reviews
• Perform red team assessments
• Conduct social engineering exercises
• Support in incident response

Through the technical assessments stated above, you will then advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes and controls.

TO QUALIFY FOR THE ROLE YOU MUST HAVE

• A degree in Computer Science, Computer Engineering, Information Technology or equivalent
• Industry-recognised penetration testing certifications such as, but not limited to:
  a) Offensive Security Certified Professional (OSCP);
  b) Offensive Security Web Expert (0SWE);
  c) Offensive Security Certified Expert (OSCE);
  d) Offensive Security Exploitation Expert (OSEE); and/or

e) Relevant certification from the Council of Registered Ethical Security Testers (CREST), such as CRT, CCT etc.

• Candidates with at least 2 years of working experience as a penetration tester will be considered for the Senior Consultant positions.
• Candidates with less than 2 years of working experience as a penetration tester will be considered for the Associate Consultant positions.