Cyber SDC - Attack Surface Monitoring Analyst - Senior - Consulting - Location OPEN

Join to apply for the Cyber SDC - Attack Surface Monitoring Analyst - Senior - Consulting - Location OPEN role at EY.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of yourself. We value your unique voice and perspective to help EY improve. Join us to create an exceptional experience for yourself and a better working world for all.

The exceptional EY experience. It's yours to build.

EY emphasizes high ethical standards and integrity among its employees, expecting all candidates to demonstrate these qualities.

In an evolving IT landscape, EY is a trusted partner for clients across industries, providing reliable solutions to address risks and vulnerabilities. As part of our Cloud Security team, you will help clients understand and manage their complex Enterprise Identity environments by evaluating, improving, and developing innovative solutions, processes, and policies tailored to their IAM needs. This role offers an opportunity to leverage your technical skills and business insight to impact global cybersecurity.

We seek an experienced Attack Surface Monitoring professional to join our cybersecurity team as a Lead Engineer. Your responsibilities will include identifying and managing the attack surface through monitoring and analysis, requiring strong OSINT and reconnaissance skills, and conducting assessments of external resources.

• Conduct OSINT and reconnaissance to discover external resources related to the organization.
• Review discovered assets manually to confirm they are company-owned.
• Work with internal teams to classify assets accurately.
• Perform port scans, service discovery, and low-impact vulnerability scans.
• Analyze scan results to identify vulnerabilities.
• Verify vulnerabilities manually for accuracy and relevance.
• Prepare technical reports on verified vulnerabilities.

• Experience in cybersecurity, attack surface monitoring, penetration testing, and vulnerability management.
• Deep knowledge of OSINT techniques and reconnaissance methodologies.
• Proficiency with network scanning tools and vulnerability assessment frameworks.
• Strong analytical, problem-solving, and documentation skills.

• Bachelor's degree in a related field with approximately 4 years of experience, or a graduate degree with about 3 years of experience.
• Experience in attack surface monitoring, penetration testing, or vulnerability projects.
• Updated knowledge of exploits and security trends.
• Hands-on experience with OSINT techniques and vulnerability scanners.
• Valid driver’s license and/or passport; willingness to travel.

• Knowledge of Windows, Linux, Unix, and other OS.
• Certifications like OSCP, OSWP, GPEN, GWAPT, etc.
• Experience with scripting languages (Python, Bash).
• Familiarity with exploits, TTPs, vulnerability remediation, and security trends.
• Understanding of network security, attack vectors, and web vulnerabilities (OWASP Top 10).
• Excellent communication and teamwork skills.

We seek intellectually curious individuals passionate about cybersecurity. Your broad ASM exposure will enable you to contribute innovative ideas and grow into a leading expert. If you are confident in your presentation and technical skills, this role is for you.

We provide a comprehensive compensation and benefits package, including salary ranges ($73,100 to $132,900 in the US; higher in NY, WA, CA), medical/dental coverage, pension, 401(k), and paid time off. Our hybrid work model expects most client-facing staff to work in person 40-60% of the time. We support flexible vacation and time off for holidays, breaks, and personal needs.

• Continuous learning and development opportunities.
• Success defined by you, with tools and flexibility to impact your way.
• Transformative leadership with coaching and confidence building.
• Diverse, inclusive culture that embraces individual identities and voices.

EY accepts applications on an ongoing basis. If you meet the criteria, contact us promptly.

EY is committed to building a better working world by creating value for clients, employees, and society, fostering trust through assurance, and helping clients grow, transform, and operate globally.

For California residents, additional information is available here.

We are an equal opportunity employer and provide reasonable accommodations for individuals with disabilities or veterans. For assistance, contact 1-800-EY-HELP3 or email ssc.customersupport@ey.com.

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job functions: Business Development and Sales, Professional Services