TC-CS-NGSO TEM-Pen Testing-Manager
EY
- Kolkata, West Bengal
- Permanent
- Full-time
- Perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing.
- Execute red team scenarios to highlight gaps impacting organizations security postures.
- Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements.
- Provide technical leadership and advise to junior team members on attack and penetration test engagements.
- Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
- Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations.
- Execute penetration testing projects using the established methodology, tools and rules of engagements.
- Convey complex technical security concepts to technical and non-technical audiences including executives.
- Develop and maintain productive working relationships with client personnel
- Build strong internal relationships within EY Advisory Services and with other service lines across the organization.
- Provide guidance and share knowledge with team members and participate in performing procedures focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement.
- Brief the engagement team on the client's environment and industry trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations.
- Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Understand EY and its service lines and actively assess what the firm can deliver to serve clients.
- Assist Partners & Senior Managers in driving the business development process on existing client engagements by gathering appropriate resources, gaining access to key contacts & supervising proposal preparation.
- Create innovative insights for clients, adapts methods & practices to fit operational team needs & contributes to thought leadership documents.
- Practice secondment for developing new methodologies.
- Facilitate discussions / knowledge sharing with key client personnel and contribute to EY thought leadership.
- Plan & schedule client engagements. Determine and deploy the right team with adequate skill sets for executing engagements and periodically review status of engagements and work products.
- Demonstrate strong project management skills
- Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business.
- Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices)
- Review status updates and prepare management presentations
- Actively contribute to improving operational efficiency on projects & internal initiatives.
- Identify buyers, influencers & stakeholders in existing client engagements and build strong relationships.
- Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation.
- Drive performance management for self and team.
- Driving the quality culture agenda at GD
- Manage the performance management for the direct reportees, as per the organization policies
- Training and mentoring of project resources
- Participating in the organization-wide people initiatives
- Graduates /BE / M Sc (Stats, Maths, Computer Science) / MBA with background in computer science and programming /MCA with minimum 8 years of work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and Red Team assessments.
- Any two of the following certifications: CISSP, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN Network Security certifications (C|EH, Security+, SANS, ISACA, product certifications).
- Quality Management training/certification (e.g. ITIL, Six Sigma, TQM)
- Knowledge of Windows, Linux, UNIX, any other major operating systems.
- Deep understanding of TCP/IP network protocols.
- Deep understanding and experience with various Active Directory attack techniques.
- Understanding of network security and popular attacks vectors.
- An understanding of web-based application vulnerabilities (OWASP Top 10).
- Experience with manual attack and penetration testing.
- Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc.).Updated and familiarized with the latest exploits and security trends.
- Experience to lead a technical team to conduct remote and on-site penetration testing within defined rules of engagement.
- Familiarity to perform network penetration testing in stealth manner.
- Understanding of software security, network security, and information technology management technologies and principles
- Knowledge of vulnerability management, patch management, and configuration management best practices
- Project management skills
- Certifications: CREST
- Demonstrable flair for technical writing, including engagement reports, presentations and operating procedures
- Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results.
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that's right for you