Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
- Gratuity calculator
  
  Check your gratuity amount
- HRA calculator
  
  Check how much of your HRA is tax-free
- Salary hike calculator
  
  Check your salary hike
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 2K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

WINNERS AWAITED!
- ABECA 2025
  
  WINNERS AWAITED!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

For Employers

Add office photos

Engaged Employer

Ernst & Young

Compare

3.4

based on 10.6k Reviews

Video summary

2291 Ernst & Young Jobs

TC-CS-CTM-Pen testing-Senior

Ernst Young

3.4

based on 10.6k Reviews

3-6 years

Kolkata

1 vacancy

TC-CS-CTM-Pen testing-Senior

Ernst & Young

posted 16hr ago

Job Role Insights

Flexible timing

Key skills for the job

Quality Assurance Consulting Project Management Linux Administration PHP Windows System Administration

+ 4 more

Job Description

Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines.
Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing.
Execute penetration testing projects using the established methodology, tools and rules of engagements.
Execute red team assessments to highlight gaps impacting organizations security postures.
Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations.
Convey complex technical security concepts to technical and non-technical audiences including executives.
Perform technical quality reviews and conduct technical conversations directly with clients.
Keep uptodate with the latest techniques and concepts.
Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams
Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing.
Understanding and experience with Active Directory attacks.
Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred.
Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization.
Support SDLC and agile environments with application security testing and source code reviews.
Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development.
Provide technical expertise and guidance to clients on remediation strategies and security best practices.

Skills and attributes for success

In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments
Good to have knowledge in AI in pentest
Understanding of TCP/IP network protocols.
Understanding of network security and popular attacks vectors.
Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing
Strong understanding of security principles, policies, and industry best practices
Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results.
Excellent communication and presentation skills, both written and verbal.
Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums.
Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead.

To qualify for the role, you must have

BE/ B.Tech/ MCA or equivalent
Minimum of 3 years of work experience in penetration testing which may include at least three of the following Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments.
One of the following certifications OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX
Knowledge of Windows, Linux, UNIX, any other major operating systems.
3-9 years of work experience in Strategy and Operations projects
Team management skills are preferred.
Conduct technical discussions and perform technical Quality reviews.
Familiarity with OWASP methodologies and application security vulnerabilities.
Exceptional ability to educate and guide application developers in security best practices.
Excellent communication, presentation, and interpersonal skills.
Strong Word, Excel and PowerPoint skills.