Jobs · Information Technology · Texas

Offensive Security Analyst

EY · Austin, TX · 1 wk ago
On-siteInformation Technology$76k–$139k/yrFull-time

About the role

Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets. Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust.

Responsibilities

  • Evaluate and reduce EY’s digital exposure through hands-on penetration testing and adversarial simulation
  • Identify, assess, and help mitigate vulnerabilities across EY’s global attack surface
  • Support the validation of third-party risk assessments
  • Contribute to strengthening Continuous Threat Exposure Management and Attack Surface Management efforts

Requirements

  • A minimum of 4 years of experience in penetration testing, red teaming, purple teaming or offensive security
  • Hands-on experience testing applications, APIs, cloud environments, and network infrastructure
  • Strong understanding of common vulnerability classes such as OWASP Top 10 and exploitation techniques
  • Familiarity with offensive security methodologies and frameworks
  • Experience supporting or performing third-party risk assessments
  • Strong analytical and problem-solving skills with the ability to prioritize risks effectively
  • Effective communication skills to convey technical findings to both technical and non-technical audiences

Qualifications

  • Strong attention to detail with a methodical approach to identifying complex attack paths
  • Critical thinking and analytical skills to evaluate vulnerabilities in a business risk context
  • Ability to manage high volumes of testing requests without compromising depth or quality
  • Flexibility to work across diverse technologies, including cloud, applications, and infrastructure
  • Familiarity with research techniques and threat intelligence to support proactive risk identification

Skills

  • Capability to identify and exploit vulnerabilities beyond automated scanning tools like Qualys, Nessus etc.
  • Strong analytical and problem-solving skills with the ability to prioritize risks effectively
  • Effective communication skills to convey technical findings to both technical and non-technical audiences
  • Familiarity with research techniques and threat intelligence to support proactive risk identification

Benefits

The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary ranges. At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams.

Pay

The base salary range for this job in all geographic locations in the US is $76,400 to $138,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $91,700 to $157,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography.

Schedule

Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.

Application Instructions

Are you ready to shape your future with confidence? Apply today.

Similar jobs