Consulting_Cyber Threat Management - Pen Testing Staff
EYColombo, Western Province, Sri Lanka
Posted January 27, 2026
Full Time
About the Company
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Job Description
We're looking for a Security Analyst with expertise in penetration testing to perform internet, intranet, web application, wireless, social engineering, and physical penetration testing, and provide analysis for the testing results.
Requirements
- Experience with automation through solutions such as Chef, Puppet, Jenkins, and Ansible.
- Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc.)
- Familiarity with dynamic web application vulnerability scanning tools and services (Acunetix, HP WebInspect, IBM AppScan, BurpSuite, IBM AppScan).
- Familiarity with static code analysis tools and services (CheckMarx, Fortify Static Code Analysis tool, Veracode, Coverity, IBM AppScan Source)
- Familiarity with Secure DevOps Integration.
- Understanding and experience with Active Directory attacks.
- Understanding of TCP/IP network protocols.
- Understanding of network security and popular attacks vectors.
- Understanding of web-based application vulnerabilities (OWASP Top 10).
Benefits
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that’s right for you
