Security Analyst

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Application Senior Security Specialist

Job Summary

As application senior security specialist for the Security Certification Team, candidate will be resposible to conduct application vulnerability assessment and penetration testing of EY applications before they move into production and support the team to meet overall security certification goals and client requirements.

Essential Functions of the Job:

• Capable of conducting application & network penetration testing and vulnerability assessments
•  Preparing detailed security review reports and remediation guidances
•  Researching new application security vulnerabilities and attack vectors
• Support the team in updating their skill and knowled

Knowledge and Skills Requirements:

•     Hands on experience of Web, thick client, Mobile, VOIP, Wireless application security testing.  
•     Proficient in automated and manual application testing methodologies.
•     Expert in using manual testing tools such as Burp Professional, Nmap, Wireshark, Nessus, echomirage.
•     Expert in using automated application scan tool Webinspect / Qualys WAS, CheckMarx, WhiteSource etc..
•     Basic Knowledge of programming language like C/C++, C#, JAVA, ASP.NET and familiar with PERL/Python Scripting.
•     Familiar with OWASP and Secure SDLC standards
•     Knowledge of common security requirements within ASP.NET & Java  application
•     Good Knowledge of TCP/IP, Network Security.  
•     Knowledge / experience on code review
•     Good Technical aptitude, problem solving and ability to quickly learn and master new topics and domains.
•     Excellent communication skills; written and verbal.

Supervision Responsibilities:

• None
• Other Requirements:
• Flexible work environment

Qualifications,certifications and education requirements

Job Requirements:
Education:
Bachelor's degree in a technical discipline such as Engineering or Computer Science or equivalent work experience in IT and Information Security.

Experience:

•     4 - 6 yrs. experience in application security assessment
•     Hands on experience of Web, thick client, Mobile Application security reviews.
•     Exposure and good understanding of the various manual testing methodologies.

Certification Requirements:
Desirable:  IT security Certifications (CEH. ECSA, OSCP etc..)
 

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.