Vulnerability Analyst

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity As an Offensive Security Analyst on the Vulnerability Management team, you will play a supporting role in the meticulous evaluation and management of EY's digital exposure, working under the guidance of the Vulnerability Exposure Management Lead to identify and mitigate vulnerabilities in the EY digital attack surface. Your responsibilities will include aiding in the assessment and validation of third-party risk assessments and ensuring that EY's security standards are upheld across all digital assets. Additionally, the analyst will influence and implement proactive defense strategies to maintain the integrity and security of the business's digital footprint. Your key responsibilities The Analyst will leverage offensive security skills to evaluate the business's digital exposure, identifying and mitigating risks stemming from misconfigurations, vulnerabilities, and mismanaged assets. The candidate will play a crucial role in managing third-party risk assessments and identifying assets susceptible to exploitation and abuse by cyber threat actors. Collaborating closely with multiple functions, the analyst will work to execute the Attack Surface Management strategy to protect EY's digital assets. Additionally, the analyst will emulate cyber threat actors to conduct recon against the EY attack surface to identify threats and advise proactive measures to safeguard the business. Skills and attributes for success Expert attention to detail Aptitude for thinking critically Ability to handle high volume requests Flexibility and comfortability pivoting between diverse environments Developing communication Skills Familiarity with research methodologies