Ernst & Young

Your key responsibilities

• Perform systematic and complete penetration tests on company's digital systems to identify vulnerabilities.
• Develop and implement testing methods and tools for security testing of applications, networks and systems.
• Conduct manual penetration tests of web applications, APIs, mobile applications, and network infrastructure.
• Conduct social engineering assessments, including spear phishing, physical security assessments, and desktop testing.
• Document the findings from the penetration tests and communicate them to the stakeholders.
• Develop and guide junior testers in the team for performing penetration tests proficiently.
• Work with network and application teams to understand the system and help them fix identified vulnerabilities.
• Perform vulnerability assessments as part of a risk-based security assessment program.
• Keep updated with the latest trends in cybersecurity, new vulnerabilities, and testing methodologies.
• Analyze, disassemble, and reverse engineer code to discern weaknesses for exploitation; document and discuss findings with various stakeholders.
• Assist in managing engagement by organising staffing, tracking fees and communicating issues;
• Supervise and coach junior team members;
• Manage and maintain strong client relationships;
• Contribute to the development of proposals, conduct research & development activities;
• Participate in business development initiatives, identify and escalate potential business opportunities on existing engagements;

Skills and attributes for success 

• Bachelor's Degree in Computer Science, Information Systems or a related field.
• A minimum of 03 years of experience in penetration testing or a similar role.
• Highly knowledgeable about various operating systems and databases.
• In-depth knowledge of networking protocols and web technologies.
• Previous experience with scripting and programming languages such as JavaScript, Python, Bash, or others is a plus.
• Strong understanding of vulnerability assessment and penetration testing methodologies.
• Excellent problem-solving and analytical skills.
• Exceptional communication skills; capable of conveying complex security topics in easy to understand language.
• High degree of professional integrity and strong ethical values.
• Good understanding of cybersecurity solutions and framework, enterprise architecture, IT/business functions and operations, industry trends;
• At least 3 years of experience in cybersecurity practices, in at least one of following domains: IT risk management, IT audit, security operation, security engineering, pentesting, etc;
• Having industry-recognized professtional certification e.g. CISSP, CISM, CRISC, ISO 27001 Implementor/Auditor, OSCP, OSCE, OSWE, CREST, or equivelant is a plus;
• Excellent interpersonal, written and verbal communication skills in English and Vietnamese;
• Desire to work in consulting demonstrated by relevant course work;
• Demonstrated project management, teaming, organizational, analytical and problem-solving skills;
• Strong root-cause analysis experience and skills as well as the ability to identify strengths and weaknesses in a client’s processes and controls;
• Effective organization and time management skills with the ability to work under pressure and adhere to project deadlines;

What working at EY offers

• You will join a young, dynamic team, genuinely passionate about its work, within a leading global professional services firm;
• Opportunities to develop new skills and progress your career;
• Support, coaching and feedback from security professionals;
• The freedom and flexibility to handle your role in a way that’s right for you;
• Acquire a fully accredited corporate MBA (EY Tech MBA) from Hult International Business School;

About EY

As a global leader in assurance, tax, strategy and transaction and business consulting, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. So that whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Only shortlisted applicants will be invited to attend evaluation rounds. Please check your email regularly for updates.

Make your mark.

Apply now.