Cyber SDC - Attack Surface Monitoring Analyst - Senior - Consulting - Location OPEN

Join to apply for the Cyber SDC - Attack Surface Monitoring Analyst - Senior - Consulting - Location OPEN role at EY

2 weeks ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. We value your unique voice and perspective to help EY improve. Join us to create an exceptional experience for yourself and contribute to a better working world for all.

EY emphasizes high ethical standards and integrity among its employees, expecting all candidates to demonstrate these qualities.

In an evolving IT landscape, EY is a trusted partner for clients across industries seeking reliable cybersecurity solutions. As part of our Cloud Security team, you will help clients understand and manage their complex Enterprise Identity environments by evaluating, enhancing, and developing innovative IAM solutions, processes, and policies. This role combines technical expertise with business insight to make a global impact.

We seek an experienced Attack Surface Monitoring professional to join as a Lead Engineer. Your responsibilities include identifying and managing the attack surface through monitoring and analysis, with a focus on OSINT and reconnaissance techniques, and assessing externally accessible resources.

1. Conduct OSINT and reconnaissance to discover external resources.
2. Review assets manually to confirm ownership.
3. Collaborate with teams for accurate asset classification.
4. Perform port scans, service discovery, and vulnerability scans.
5. Analyze results to identify vulnerabilities.
6. Verify vulnerabilities manually for accuracy.
7. Compile technical reports on vulnerabilities.

1. Experience in cybersecurity, attack surface monitoring, penetration testing, and vulnerability management.
2. Knowledge of OSINT techniques and reconnaissance methodologies.
3. Proficiency with network scanning tools and frameworks.
4. Strong analytical and problem-solving skills.
5. Excellent documentation skills.

1. Bachelor’s degree in a related field with about 4 years of experience, or a graduate degree with about 3 years of experience.
2. Experience in attack surface monitoring, penetration testing, or vulnerability projects.
3. Updated knowledge of exploits and security trends.
4. Hands-on experience with OSINT and vulnerability scanners.
5. Valid US driver’s license and/or passport; willingness to travel.

1. Knowledge of Windows, Linux, Unix, and other OS.
2. Certifications like OSCP, OSWP, GPEN, GWAPT, etc.
3. Experience with scripting languages such as Python or Bash.
4. Familiarity with exploits, TTPs, and security trends.
5. Understanding of network security and web vulnerabilities (OWASP Top 10).
6. Strong communication skills and team collaboration abilities.

We seek intellectually curious individuals passionate about cybersecurity, ready to innovate and grow into industry leaders. Your confidence in presentation and technical skills will help you make a significant industry impact.

Our comprehensive package includes competitive salary ranges ($73,100 to $132,900 nationally; higher in certain regions), benefits such as health coverage, retirement plans, paid time off, and a flexible hybrid work model. We support your continuous learning, leadership growth, and inclusion efforts, helping you make a meaningful impact in your way.

EY accepts applications continuously. If you meet the criteria, contact us promptly.

EY is committed to building a better working world through trust, diversity, and innovation across over 150 countries. We provide equal employment opportunities and reasonable accommodations for applicants with disabilities.

• Senior level: Mid-Senior level
• Employment type: Full-time
• Job functions include Business Development and Sales, within Professional Services industries