EY Penetration Testers – Financial Services Advisory - Expressions of Interest (Melbourne) in Melbourne, Australia

Penetration Testers – Financial Services Advisory - Expressions of Interest (Melbourne)


Requisition # MEL0020F

Post Date Jan 24, 2019

At EY we have fantastic opportunities for you to work with market leading specialists and collaborate with our clients to manage engagements, lead teams or perform penetration testing. We've built a team of technically focused consultants in our global network of Advanced Security Centres (ASCs) and as we continue to grow we are seeking cybersecurity professionals at all levels of seniority. ASC professionals typically operate in a red team capacity executing with advanced cybersecurity tools and techniques.

The opportunity

Our ASC team is growing and we are looking to connect with professionals with varying levels of experience . You may be ready for a change in your career now or in the future, either way we would like to speak with you now and get the ball rolling! If this opportunity appeals to you, please apply and we can start the conversation. We are looking for candidates in both Sydney & Melbourne.

Our Advanced Security Centre (ASC) is a well-established, dedicated and vibrant team that is designed to help our clients protect the confidentiality, integrity and availability of their information. We work with some of Asia Pacific’s biggest clients and are one of Australia’s largest penetration testing teams that has been consistently working together for more than 8 years.

The ASC provides the following services to our clients

  • Web, mobile and thick client penetration testing

  • Source code reviews

  • Infrastructure security assessments

  • Internal/external network penetration testing

  • Vulnerability assessments

  • Security configuration reviews

  • Wireless assessments

  • Social engineering/red team assessments

Your key responsibilities:

(Will include some or many of the below dependant on your level of experience)

  • You will be a trusted member of our Advanced Security Centre team

  • Work effectively as a self-managed team member; share responsibility, provide support, maintain communication and update senior team members on engagement progress

  • Execute and help run technical cybersecurity testing engagements

  • Identify cybersecurity trends and develop market leading solutions to meet client needs

  • Manage and develop client stakeholder relationships

  • Prepare client reports and presentations to an exceptional standard

  • Contribute and/or lead and drive cyber security staff recruitment, retention and development activities

  • Develop, coach and supervise team members

  • Work with business leaders to develop the ASC and execute go-to-market plans

  • Understand and follow workplace policies and procedures

  • Oversee daily activities of a highly technical quality driven penetration testing team

We’re looking for people with some or many of the following skills and experience:

  • A methodical approach to attack and penetration testing (above running automated tools)

  • Application security testing experience (in particular ASP.NET and Java technologies)

  • Mobile application security testing/development experience

  • Infrastructure security testing experience

  • Wireless security testing experience

  • Source code analysis for security vulnerabilities experience

  • Reverse engineering or malware analysis experience

  • Threat Intelligence experience

  • Operational Technology/Industrial Control Systems experience

  • Technical security operations experience

  • Working knowledge of network protocols

  • Network security: firewalls/routers/switches/VLANs

  • Administration experience in any of the following

  • Windows Active Directory Administration

  • Linux/Unix Administration

  • Database Administration

  • Knowledge of one or more scripting/programming languages (e.g. Python, Ruby, PHP, Java .NET, C, C#, etc.)

  • Systems security skills in assessment, design, architecture, management and reporting

  • Experience leading a penetration testing team (preferably a large team)

  • Experience managing client stakeholders and expectations

  • Advanced written and verbal communication skills and presentation skills

  • The ability to translate technical jargon to non-technical stakeholders

To qualify

  • A minimum of 2 years cybersecurity experience including some penetration testing experience beyond automated tools.

  • A Bachelors and/or post graduate degree in computer science, information systems, engineering, or a related major is advantageous

  • Strong project management, negotiation and interpersonal skills would be viewed favourably

  • Have a commitment to build and grow your technical cybersecurity career to the next level

  • You should hold or be willing to pursue related professional certifications such as the OSCP, SANS, CREST, MSCIPT, RHCE, CISSP, etc.

What we look for

We’re interested in individuals with a genuine creative vision and the confidence to make it happen. You can expect plenty of autonomy, so you’ll also need the ability to take initiative and seek out opportunities to improve our current relationships and processes. If you’re serious about cybersecurity and ready to take on some of our clients’ most complex issues, a role with EY is for you.

What working at EY offers

We offer competitive remuneration packages where you’ll be rewarded based on your performance and the value you bring. Our Total Rewards package includes support for flexible working, career development, and an extensive range of wellbeing and benefit offerings. We are happy to consider formal and informal flexible working arrangements. To find out how some of our people are using these arrangements to help them achieve a lifestyle balance, please.

Who we are

EY is an inclusive and equal opportunity employer offering a vast range of internal networks including Unity, our LGBTI network and our Aboriginal and Torres Strait Islander network. These provide our people with the opportunity to connect across offices and allow us all to embrace and value the diverse society we live within. We are committed to making reasonable adjustments to provide a positive, barrier-free recruitment process and supportive work environment. If you have any support or access requirements, we encourage you to advise us at the time of application.

About EY

As a global leader in,,and, we’re using the finance products, knowledge and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Join us in building a better working world.

Start a conversation with us now.

The preferred applicant will be subject to employment screening by EY or by their external third party provider. The preferred applicant will be subject to employment screening by Ernst & Young or by their external third party provider. Regarding these opportunities, the minimum salary for more junior positions is $70,000 including 9.5% superannuation.

© 2018 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation.