EY Application Vulnerability Assessment Consultant in Poland
Application Vulnerability Assessment Consultant
Requisition # POL001PG
Post Date Feb 06, 2021
EY GDS (Global Delivery Services) means 40.000 specialists providing global IT, project management and strategic business services to EY member firms. In addition, we deliver support and solutions to clients from all over the world.
As an Application Vulnerability Assessment Consultant you will be technically minded and process oriented, providing support and advice to our clients on protecting themselves against the ever changing cyber threat landscape. You will belong to an international team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience.
Skills and attributes for success:
4+ years of experience in IT along with proven path in architecture or/and security;
Experience with identifing potential threats as per STRIDE framework. Also, capable of identifying and writing the threat agents, attack vectors, impacted assets, recommendations for the identified vulnerabilities.
Previous experience in using Microsoft Threat Modeling tool 2016 (or above) to draw data flow diagrams with proper listing of data labels, data flows, trust boundaries, users, integrations etc.
Familiarity of security frameworks such as NIST, ISO for application security.
Fundamental knowledge of security controls for technologies such as SAP, Salesforce, AWS, Azure, Mobile / web based applications, APIs / webservices.
Understanding of CAPEC [Common Attack Pattern Enumeration & Classification] framework to map attack patterns to vulnerabilities identified.
Skilled in prioritizing the identified risks as per impact and vulnerability factors.
Readiness to travel;
Very good command of English (German or other European language would be advantage, but is not mandatory)
What working at EY offers:
Opportunity to develop technical and non-technical skills in a truly global environment
Certification in leading cloud technologies
Variety of platforms for upskilling including but not limited to Udemy for business, on-site trainings, language classes, etc.
Flexible full time working hours with respect to your work life balance
Modern and well located office in Warsaw or Wroclaw with fresh work environment
Perks / benefits: private health care (incl. family, parents, in-laws & dental care), life insurance, sport groups, MultiSport, Benefitsystem, theatre and cinema tickets, shopping vouchers, etc.
Interesting top technology transformation projects with global impact
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Make your mark.