EY GDS Risk Advisory - Cyber Threat Management Consultant in All, Philippines

Title: GDS Risk Advisory - Cyber Threat Management Consultant

Location: PH-All-Taguig City

Job Number: TAG0001D

Information Security Consultants would be expected to work in one or more of IT Risk and Assurance services which includes Threat and Vulnerability Management, Information security, IT audits and compliance, IT Infrastructure security services and IT risk management. Candidates expected to work actively on customer projects which involves wide range of activities in the areas mentioned above

  • Good understanding in penetration testing and vulnerability assessments

  • Good knowledge of OWASP and Secure SDLC standards

  • Ability to use scanning tools and exploits.

  • Should have performed vulnerability assessment/ penetration testing of web applications, client server applications, mobile applications etc.

  • Knowledge of encryption technologies

  • Experience in performing security code reviews and log analysis.

  • Scripting skills and ability to develop exploits

  • In- depth Knowledge of Linux administration, TCP/IP, Network Security.

  • Experience in performing security configuration reviews OS, Databases, Network devices, security devices, applications etc.

  • Good understanding of networking protocols and application communications

  • Preferred certifications : OSCP, GPEN, CEH, RHCE, CCNA, CCNP, MCS

  • Assess the security risk of identified events and alert.

  • Analysis of the Patches released by the vendors.

  • Review operational logs and event console activity to determine cause of security-related events or to identify potential security related events

  • Raising incident tickets in the incident tracker tool.

Qualifications:

Required Skills:

  • Network Penetration Testing, Web Application Penetration Testing, Client Server Security Assessments, Secure Code review, Basic scripting skills in Python/Perl

  • SIEM Tool Monitoring

  • Monitor sites for regular security news and updates

  • Issue alerts on critical security updates to respective teams

  • Investigate and report violations to the centre's information security policies and compliance standards

  • Generate daily and weekly reports on applicable virus definition, updates, patches etc.

Certifications:

  • OSCP – Offensive Security Certified Professional

  • GPEN – GIAC Certified Penetration Tester

  • CEH – Certified Ethical Hacker

Qualifications:

  • Bachelor's Degree; MCA/BTech /Bsc (Comp Science/Electronics and communication, or equivalent)

  • Must be willing to work in Ortigas and/or McKinley, Taguig City