pracaon.plpracaon.pl

Cybersecurity Senior Consultant - Senior Pentester

Warszawa, Mazowieckie, Polska, 01-208
EY
Partner
8d
Wynagrodzenie do ustalenia
Pełny etat • Zdalna • IT i Telekomunikacja

Najważniejsze cechy oferty

  • Min. 3 lata doświadczenia

  • Backend: Java / .NET / Node / Python

  • Praca zdalna - bez dojazdów

  • Pełny etat

Description

Cybersecurity Senior Consultant – Senior Pentester Location: Katowice / Warsaw - 2 days office / 3 days remote Let us introduce you the job offer by EY GDS Poland – a member of the global integrated service delivery center network by EY. The opportunity You will work in multinational environment together with other top security experts and your responsibility will be to deliver Attack & Penetration Testing projects and various other security projects including application code review, social engineering, Red Team Assessments, Threat Modelling, Security Architecture reviews. What we look for We look for senior pentester who combine technical depth with maturity and discipline. Deliver findings that teams can fix and provide analysis for the testing results.

What we offer

  • EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across nine locations – Argentina, Hungary, India, the Philippines, Poland, Sri Lanka, Mexico, Spain and the United Kingdom – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career.

  • Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.

  • Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.

  • Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.

  • Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

Ideally, you’ll also have

  • Documented participation in Bug Bounty programs or acknowledgement of Responsible Disclosures outside those programs,

  • Granted CVEs,

  • Programming language skills (Python, C++, C# or Java).

Skills and attributes for success

  • Understanding of common attack paths and security weaknesses across web and mobile applications, infrastructure, and cloud environments with the ability to translate findings into business-relevant risks and actionable remediation steps

  • Structured and disciplined work style, including thorough documentation, evidence handling, clear communication, and a strong focus on quality

  • Strong investigative mindset with attention to detail

Your key responsibilities

  • As a Cybersecurity Senior Consultant, you’ll contribute technically to Cybersecurity client projects and internal projects. The role involves hands-on testing, analysis, and reporting.

To qualify for the role, you must have

  • 4+ years of experience in Dev / ITSec conducting penetration tests projects,

  • Knowledge of security issues at the technical level,

  • Knowledge of solutions and recommendations to prevent or mitigate security vulnerabilities,

  • Knowledge of the application security verification standards,

  • Deep understanding of how information’s technology systems work:

  • networking architecture,

  • networking protocols,

  • operating systems.

  • Deep understanding of how web applications work, starting from backend, ending with frontend,

  • Deep understanding of OWASP Top10 concepts,

  • Familiarity of Red Team methodologies (MITRE, Social engineering, OSINT etc.),

  • Autonomy and maturity in what you do as security professional,

  • Consulting and communication skills to provide technical security expertise understandable by non-technical audience,

  • OSCP, OSWE, GPEN certificate or similar,

  • Excellent command of English language. German or other European language would be an advantage but not mandatory.

Oferta została zaimportowana z zewnętrznego portalu.Źródło ogłoszenia

Więcej podobnych ofert