Manager Cybersecurity (Offensive Sec. / Red teaming)

Job description

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Due to globalisation and developments within technology the structure of organisations are undergoing a lot of changes. As a technical solution architect at EY you support organisations with these transformations. Our teams exist of specialised consultants with different backgrounds. Our consultants are involved in a variety of projects, from developing up to implementing a strategy within different industries. Our core areas are Customer Experience Technology, Experience Design, Organisational Transformation and Data Analytics.

The opportunity

With rapidly changing cybersecurity threats, clients from all industries look to us for trusted solutions for their increasingly complex risks. As a member of our Cyber Risk Management team  you’ll have the opportunity help clients gain insights into their cybersecurity program and strategy as a whole.? You will have access to our robust solutions to advise clients on managing cybersecurity risk, enhancing maturity, and improving efficiency. You will belong to an international connected team of specialists helping our clients with their most complex cybersecurity needs and contributing toward their business resilience. ?  

Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. As part of our Cyber Threat Management team, you’ll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing, red teaming and simulating physical breaches to identify vulnerabilities. 

Your key responsibilities ?  

You’ll work with our practice in Amsterdam, and have a leading role on threat management projects. Within projects you may have the following responsibilities: 

• Lead penetration testing projects which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. 
• Lead and execute red team scenarios to highlight gaps impacting organizations security postures. 
• Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements. 
• Provide technical leadership and advise to consultants and senior consultants on attack and penetration test engagements. 
• Lead the analyses of code (security code review) 
• Lead the identification and exploitation of security vulnerabilities in a wide array of systems in a variety of situations. 
• Review and perform in-depth analysis of penetration testing results and oversee reporting that describes findings, exploitation procedures, risks and recommendations. 
• Lead penetration testing projects using the established methodology, tools and rules of engagements. 
• Convey complex technical security concepts to technical and non-technical audiences including executives. ?  

To qualify for the role you must have  

• Bachelors degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering or a related major with a minimum of 5 to 10 years of related work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and Red Team assessments. 
• Experience with manual attack and penetration testing. 
• Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc). 
• Updated and familiarized with the latest exploits and security trends. 
• Experience to lead a technical team to conduct remote and on-site penetration testing within defined rules of engagement. 
• Familiarity to perform network penetration testing in stealth manner. 
• Any two of the following certifications OSCP, GPEN, GWAPT, OSCE, OSEE, GXPN. 
• A driver’s license valid in The Netherlands 
• Willingness and ability to travel within The Netherlands to meet client needs. 
• Strong client services orientation and accustomed to taking a proactive role in engagements 
• Flexible, responsible and self-confident personality, who feels comfortable in client’s environment

Ideally, you’ll also have 

• Knowledge of Windows, Linux, Unix, any other major operating systems. 
• Familiarity with the latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends in Cloud implementations. 
• Deep understanding of TCP/IP network protocols. 
• Deep understanding and experience with various Active Directory attack techniques. 
• Understanding of network security and popular attacks vectors. 
• An understanding of web-based application vulnerabilities (OWASP Top 10)

What we offer 

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business: 

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. 
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way. 
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs. 
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs. 
• Modern working environment and equipment, fostering mobile working flexibility 
• Acquire a fully accredited corporate MBA (EY Tech MBA) from Hult International Business School whilst working with EY, completely free 

If you can demonstrate that you meet the criteria above, please contact us as soon as possible. 

The exceptional EY experience. It’s yours to build.   

EY | Building a better working world 

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. As cybersecurity experts, we are committed to building a safer world 

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. 

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. 

EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law. 

Part of the application procedure is an online assessment and a Pre-Employment Screening (PES). A PES involves: checking your identification documentation, diplomas, certificate of good conduct (VOG) and a statement from EY regarding reliability when entering employment.