Cyber SDC - Vulnerability Management Project Lead - Senior - Consulting - Location OPEN

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. We’re counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself and a better working world for all.

EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.

We are seeking an experienced Vulnerability Management (VM) Cyber Managed Services Senior to join our team in designing, implementing, and managing our vulnerability management service offering. The ideal candidate will have a strong background in vulnerability management tools and services and experience working within a cybersecurity team. This role involves creating tailored solutions for clients to deploy and run effective vulnerability management programs, combining technical expertise with an understanding of business risks.

1. Develop rapport with others by understanding their concerns, needs, and issues, and develop internal relationships for advice and support.
2. Monitor progress, manage risk, and keep stakeholders informed about progress and outcomes.
3. Stay updated on current business and industry trends relevant to cybersecurity.
4. Assist engagement teams in evaluating client vulnerability management programs across people, process, and technology.
5. Work with teams to own parts of vulnerability management solutions tailored to client environments.
6. Perform vulnerability assessments to identify control weaknesses and evaluate the effectiveness of controls.

• Familiarity with security standards like ISO 27001, CIS, PCI DSS, NIST, ITIL, COBIT.
• Knowledge of Windows, Linux, UNIX, and cloud-based operating systems.
• Operational experience with vulnerability management tools (e.g., Qualys, Nexpose).
• Ability to evaluate and select vulnerability management tools.
• Ability to conduct root cause analysis of vulnerabilities and determine solutions.
• Knowledge of cybersecurity concepts including vulnerability management, privacy, incident response, governance, and risk management.
• Experience with scripting languages (e.g., Python, PowerShell).
• Ability to develop metrics using Excel or Power BI.
• Understanding of web vulnerabilities (OWASP Top 10), cloud security, and architecture.
• Experience with factors like EPSS, CVSS, CISA KEV, and threat intelligence sources.
• Proficiency with CVE and CWE frameworks.
• Experience in developing metrics for technical and executive audiences.

1. Bachelor’s degree with 2+ years of related experience, or graduate degree with 1-2 years of experience.
2. Experience in vulnerability management and using related tools.
3. Experience providing Vulnerability Management services across industries.
4. Strong communication skills for interaction with management, SMEs, and partners.
5. Willingness to travel and a valid US driver’s license.

• Strong interpersonal and analytical skills.
• Consulting experience preferred.
• Cybersecurity certifications like CISSP, CEH, GSEC are a plus.

We seek curious professionals passionate about cybersecurity, with expertise in Vulnerability Management and a drive to innovate. Strong technical and presentation skills are essential.

Competitive compensation, benefits, and a flexible, hybrid work model. Salaries range based on location and experience, complemented by health, retirement, and paid time off benefits. We support your development through continuous learning, leadership, diversity, and inclusion initiatives.

Interested candidates meeting the criteria are encouraged to apply promptly. EY is committed to building a better working world through diverse and inclusive teams, operating with integrity and professionalism worldwide.