Cybersecurity Associate/Senior Associate, (VAPT) Offsec

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

The opportunity

We are looking to hire motivated and driven penetration testers to join our team of cybersecurity professionals. As a cybersecurity professional in EY Singapore, you will have the chance to work in engagement teams serving our clients in providing independent assessments or implementation of cyber solutions. As EY Singapore is a member of the whole global EY network, you will be part of an international connected team of specialists helping our clients with their most complex cybersecurity needs and contributing toward their business resilience.

Your key responsibilities

You will be part of the Cybersecurity Attack & Penetration team at EY Singapore. This team provides technical cyber assessments that aim to assist clients gain insight and context to their cyber threats, and provide pragmatic recommendations to mitigate these threats. As a penetration tester in the Attack & Penetration team, your responsibilities include:

• Perform cybersecurity threat modelling
• Perform web application penetration testing
• Perform mobile application penetration testing
• Perform IT and OT network penetration testing
• Perform IOT penetration testing,
• Perform source code reviews
• Perform red team assessments
• Conduct social engineering exercises
• Support in incident response

Through the technical assessments stated above, you will then advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes and controls.

Skills and attributes for success

• Communication - Demonstrate that you listen and understand before responding
• Knowledgeable - Demonstrate deep technical capabilities and understanding of the client's problems.
• Curiosity - Be proactive, learn fast and seek to identify issues that others might miss.
• Integrity - Conduct yourself as per EY's values, and do not be afraid to admit mistakes.
• Impact - Consistently deliver exceptional quality work that positively impacts the projects that you are on.
• Teamwork - You seek to ensure that the team succeeds, rather than only yourself.

To qualify for the role you must have

A degree in Computer Science, Computer Engineering, Information Technology or equivalent

Industry-recognised penetration testing certifications such as, but not limited to:

a) Offensive Security Certified Professional (OSCP)

b) Offensive Security Web Expert (0SWE)

c) Offensive Security Certified Expert (OSCE)

d) Offensive Security Exploitation Expert (OSEE) and/or

e) Relevant certification from the Council of Registered Ethical Security Testers (CREST), such as CRT, CCT etc.

Candidates with at least 2 years of working experience as a penetration tester will be considered for the Senior Consultant positions.

Candidates with less than 2 years of working experience as a penetration tester will be considered for the Associate Consultant positions.

What we offer

EY offers a competitive remuneration package where you'll be rewarded for your individual and team performance. We are committed to being an inclusive employer and are happy to consider flexible working arrangements. Plus, we offer:

• Continuous learning: You'll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We'll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We'll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You'll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.