EY Advisory, Risk, Cyber Security – Penetration Tester/Application Security Consultant in NS, Australia

Title: Advisory, Risk, Cyber Security – Penetration Tester/Application Security Consultant

Location: AU-NS-Sydney

Job Number: SYD002XA

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As a Cyber Security Specialist, you will guide our clients to strengthen their cyber defences. At EY, you will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. In simple terms, you know how to use your deep technical experience and apply that to a business where we need to battle risk and agility.

The opportunity

This is a fantastic opportunity working with market leading specialists and working collaboratively with our clients to manage engagements and lead teams of resources. At EY we've built a team of technically focused consultants in our global network of Advanced Security Centres (ASCs). ASC professionals typically operate in a red team capacity executing with advanced cybersecurity tools and techniques. Our Advanced Security Centre (ASC) is a well-established, dedicated and vibrant team that is designed to help our clients protect the confidentiality, integrity and availability of their information.

Your key responsibilities

In your role as a Penetration Tester/Application Security Consultant you will:

  • Be a trusted member of our Advanced Security Centre team

  • Execute and help manage technical IT Security testing engagements

  • Work effectively as a self-managed team member; share responsibility, provide support, maintain communication and update senior team members on engagement progress

  • Evolve your skills to match cutting edge IT Security trends

  • Prepare client reports and presentations to an exceptional standard

  • Contribute and assist with IT security staff recruitment, retention and development activities

  • Understand and follow workplace policies and procedures

Skills and attributes for success

We’re looking for people with the following experience:

  • A drive to build and grow your technical IT security career to the next level

  • A methodical approach to attack and penetration testing (above running automated tools)

  • Application security testing experience (in particular ASP.NET and Java technologies)

  • Mobile application security testing/development experience

  • Infrastructure security testing experience

  • Wireless security testing experience

  • Source code analysis for security vulnerabilities experience

  • Reverse engineering or malware analysis experience

  • Threat Intelligence experience

  • Operational Technology/Industrial Control Systems experience

  • Technical security operations experience

  • Working knowledge of network protocols

  • Network security: firewalls/routers/switches/VLANs

  • Administration experience in any of the following:

  • Windows Active Directory Administration

  • Linux/Unix Administration

  • Database Administration

  • Knowledge of one or more scripting/programming languages (e.g. Python, Ruby, PHP, Java .NET, C, C#, etc)

  • Systems security skills in assessment, design, architecture, management and reporting


To qualify for the role you must have:

  • You'll have a minimum of 4 years IT Security or 2 year’s penetration testing experience

  • A Bachelors and/or post graduate degree in computer science, information systems, engineering, or a related major is advantageous.

  • Strong project management, negotiation and interpersonal skills.

  • Advanced written and verbal communication skills and presentation skills.

  • You should hold or be willing to pursue related professional certifications such as the OSCP, SANS, CREST, MSCIPT, RHCE etc.

What we look for

We’re interested in leaders with a genuine creative vision and the confidence to make it happen. You can expect plenty of autonomy in this role, so you’ll also need the ability to take initiative and seek out opportunities to improve our current relationships and processes. If you’re serious about cyber and ready to take on some of our clients’ most complex issues, this role is for you.

What working at EY offers

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

  • Support and coaching from some of the most engaging colleagues around

  • Opportunities to develop new skills and progress your career

  • The freedom and flexibility to handle your role in a way that’s right for you

EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

About EY

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Make your mark.

Apply now.

© 2017 Ernst & Young Australia. All Rights Reserved.