Consultants - Offensive Security - Advanced Security Centre

At EY we believe that whoever you are, your uniqueness helps us stand apart. We bring together extraordinary people, like you, to build a better working world. What’s in it for you? Our EY Advanced Security Centre (ASC) is a well-established, dedicated and vibrant offensive security team. Our vision is to build and bring the strongest, most diverse and highly skilled team to the market. We strive to be the market leaders in security testing services, ready to tackle any challenge that comes our way. We are looking for people looking to kick-start their career in offensive security or people looking to tackle some of the biggest challenges our clients are facing in the market. There is flexibility to be based in either Sydney or Melbourne. The ASC provides the following services to our clients:

• Web, Web services, mobile and thick client penetration testing
• Internal/External network penetration testing
• Red Team/Purple Team assessments
• Social Engineering assessments
• Application Security Consulting and Secure Code Review
• Cloud security assessments
• Wireless assessments
• Security configuration reviews

What we’re looking for Here’s our ‘wish list’ but don’t worry if you don’t tick all the boxes. We’re interested in your strengths, what you want to learn, and how far you want to go.

• For Senior Consultants, a minimum of 3+ years cybersecurity experience, with a majority being offensive security related (e.g. penetration testing or application security experience), beyond the use of automated tools. Show us that you know what’s happening behind the tooling.
• For Consultants with less than 3 years’ experience, show us what you already know, how you’ve been learning – show us that you will continue to develop on the job!
• Strong project management and interpersonal skills.
• A commitment to build and grow your technical cybersecurity career to the next level.
• Experience in web and mobile application security testing and specialisation in one other domain would be favourable (thick application, red team/purple team or internal/external network)
  • Demonstrable proficiency of at least 2 following security assessment methodologies:
    • Web, Web services, mobile and thick client penetration testing
    • Internal/External network penetration testing
    • Application Security consulting and secure code review
    • Wireless assessments
    • Social engineering/red team assessments
  • Demonstrable technical understanding or certifications of at least 2 of following domains:
    • Common web technologies and frameworks
    • Application architecture
    • Cloud experience
    • Networking and Network protocols
    • DevOps methodology and pipelines
• Relevant (or be willing and able to pursue) professional certifications such as OSCP, SANS, CREST, PJPT, PNPT, PWPT, PJWT, CPTS, etc.

Our roles can be adjusted to work flexibly with the potential of reduced hours to balance your time between the home and office. Please speak with us about potential options. What we can offer you

• Explore how a career at EY is yours to build at
• Discover how, when and where you can work at
• Learn about our commitment to DE&I at
• Discover the various ways our benefits can cater to your needs, across wellness, financial wellbeing, and family-friendly policies which include 26 weeks gender neutral paid parental leave at
• We offer a competitive salary which is open to negotiation pending on skills and experience.

Acknowledgement of Country EY acknowledges the Traditional Owners and Custodians of the lands on which EY offices are located around Australia. We pay our respects to their cultures, and to their Elders — past, present, and emerging. Find out more about our vision for reconciliation at Apply now… we’re over 9,000 perspectives in Australia and we’re ready to welcome yours. At EY we take inclusivity seriously, and we’re committed to removing barriers and improving the employment prospects of people with disability or long-term health conditions. We encourage you to share any support and adjustments you need to be your best and participate equitably in our recruitment process. We understand sharing your needs with us can be daunting, so if you have questions before or during your application, we welcome you to get in touch at contactrecruitment@au.ey.com or +61 3 8650 7788 (option 2). Anything you tell us will be kept completely confidential. #LI-Hybrid Important Notice: End of Year Office Closure Thank you for your interest in career opportunities at EY. Please be advised that our EY Oceania offices will be closed for the end of year shutdown. This will result in a delay in reviewing applications and responding to queries during this period.

• Australia, Fiji, and PNG : Offices will be closed from 20 December 2024 to 3 January 2025 inclusive.
• New Zealand : Offices will be closed from 23 December 2024 to 10 January 2025 inclusive.

We appreciate your understanding and patience during this time. We look forward to reviewing your application and will get back to you as soon as possible once our offices reopen. EY | Building a better working world  Our preferred applicant will be required to undertake employment screening by EY or our external third-party provider.