UKI TC Penetration Tester - Manager

at  EY

EXPERIENCE AND ATTRIBUTES FOR SUCCESS

Experience:

• 7-10+ years’ experience working in a penetration testing role across various sectors
• Experience in ‘Big 4’ or similar consultancy experience in the Irish market
• Track record in supporting the delivery of a broad range of cyber security projects
• Government, Utilities, Manufacturing, Financial Services and Pharma experience desirable
• Leadership experience with a strong focus on mentorship
• Onsite and Offsite Penetration Testing
• OSCP qualification and red team experience
• OT pen testing experience
• Driven cyber security professional with a passion for information security
• Strong analytical skills to solve technical issues and flexibility in handling multiple issues at once

SKILLS AND KNOWLEDGE FOR THIS ROLE INCLUDE:

• Ability to lead and support remote teams in performing complex penetration tests in a variety of environments, managing several teams across different client sites
• Experience in delivering penetration test results to technical and non-technical colleagues and clients
• A deep understanding of technical security requirements, and conducting research projects to maintain and grow knowledge within technology
• Ability to independently perform technical responsibilities and deliver results to a high standard
• An in-depth awareness and understanding of advancements in the penetration testing domain
• Ability to collaborate with colleagues across other relevant teams to enhance service quality
• Experience in maintaining compliance with regulations and standards in relation to executing penetration tests, in addition to audit requirements and exacting reporting formats
• Ability to take on responsibility for penetration test projects and follow these through to completion including carrying out tests, issuing reports and providing recommendations
• Experience in mentoring junior members of teams, you will need to grow on-shore and off-shore capabilities and support overall service improvement
• Hands-on internal and external infrastructure and application penetration testing required
• Exposure to a variety of security testing tools and a wide range of exploit techniques
• Requirement to stay up-to-date on current security threats, trends and solutions
• Strong demonstrated ability to take vulnerabilities and articulate the actual business risk along with excellent reporting writing and client presentation skills
• Familiarity with Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), National Institute of Standards and Technology (NIST) Special Publications, Tigerscheme SST, and CESG Check
• A consultative manner and customer facing skills with the ability to communicate with stakeholders at all levels and advise on best practices
• An enquiring mind, the tenacity to overcome technical challenges, and an ability to approach problems from different perspectives

TO QUALIFY FOR THE ROLE YOU MUST HAVE

• MSc degree in information security, computer science, computer engineering, information systems, cloud computing or related field of study
• OSCP certified