EY GDS Risk Advisory - Cyber Threat Management Associate Consultant in All, Philippines
Title: GDS Risk Advisory - Cyber Threat Management Associate Consultant
Location: PH-All-Taguig City
Job Number: TAG00023
Information Security Consultants would be expected to work in one or more of IT Risk and Assurance services which includes Threat and Vulnerability Management, Information security, IT audits and compliance, IT Infrastructure security services and IT risk management. Candidates expected to work actively on customer projects which involves wide range of activities in the areas mentioned above
Good understanding in penetration testing and vulnerability assessments
Good knowledge of OWASP and Secure SDLC standards
Ability to use scanning tools and exploits.
Should have performed vulnerability assessment/ penetration testing of web applications, client server applications, mobile applications etc.
Knowledge of encryption technologies
Experience in performing security code reviews and log analysis.
Scripting skills and ability to develop exploits
In- depth Knowledge of Linux administration, TCP/IP, Network Security.
Experience in performing security configuration reviews OS, Databases, Network devices, security devices, applications etc.
Good understanding of networking protocols and application communications
Preferred certifications : OSCP, GPEN, CEH, RHCE, CCNA, CCNP, MCS
Assess the security risk of identified events and alert.
Analysis of the Patches released by the vendors.
Review operational logs and event console activity to determine cause of security-related events or to identify potential security related events
Raising incident tickets in the incident tracker tool.
Network Penetration Testing, Web Application Penetration Testing, Client Server Security Assessments, Secure Code review, Basic scripting skills in Python/Perl
SIEM Tool Monitoring
Monitor sites for regular security news and updates
Issue alerts on critical security updates to respective teams
Investigate and report violations to the centre's information security policies and compliance standards
Generate daily and weekly reports on applicable virus definition, updates, patches etc.
OSCP – Offensive Security Certified Professional
GPEN – GIAC Certified Penetration Tester
CEH – Certified Ethical Hacker
Bachelor's Degree; MCA/BTech /Bsc (Comp Science/Electronics and communication, or equivalent)
Must be willing to work in Ortigas and/or McKinley, Taguig City