Logo of Huzzle

Auditeur Expérimenté en Cyber Sécurité F/H (Paris)

image

EY

7d ago

  • Job
    Full-time
    Mid Level
  • Consulting
    IT & Cybersecurity
  • Paris

AI generated summary

  • You should have 3+ years in penetration testing or app security, coding skills (Bash/Python), relevant certs, fluent English, strong soft skills, and a degree in information security.
  • You will conduct security audits, penetration tests, and code reviews, mentor juniors, enhance tools, engage in OSINT, and share knowledge within the team.

Requirements

  • Expérience significative d’au moins 3 ans dans les tests d’intrusion ou dans la sécurité applicative.
  • Idéalement à l’aise dans au moins un langage d’automatisation (Bash, Powershell, Python, Go…) et détenteur de l’une des certifications professionnelles suivantes : SANS GCPN/GPEN/GXPN/GWAPT, Offensive Security OSCP, OSCE, OSWE.
  • Niveau d’anglais courant (oral et écrit).
  • Un panel de savoir-être : forte volonté d’apprendre et d’innover, rigueur, autonomie, curiosité, proactivité, bon sens relationnel, dynamisme, sens de l’engagement, esprit d’équipe, goût du challenge, bonnes compétences rédactionnelles.
  • Diplômé(e) d’une formation supérieure de haut niveau, avec une spécialisation en sécurité de l’information.

Responsibilities

  • Participer à des missions de sécurité offensive (Red Team et Purple Team)
  • Réaliser des Audits de sécurité en autonomie :
  • Tests Intrusion Web, Internes et Mobiles
  • Audit D’architectures sur tout type d’infrastructures (Cloud, On Premise, DevSecOps, etc.)
  • Revues de configuration sur différentes technologies (systèmes d’exploitation, bases de données, équipements réseaux, solutions logicielles, environnement cloud, etc.)
  • Audit de code source sur différents langages et frameworks
  • Participer à l’accompagnement et l’évolution des profils junior au sein de l’équipe
  • Participer au développement et à l’amélioration des outils et référentiels utilisés par l’équipe : plateforme de cassage de mots de passe, plateforme de phishing, environnement de test Active Directory, outils d’analyse automatisés d’environnement et de configuration, Infrastructure as Code, etc.
  • Participer à des missions d’OSINT (Open Source Intelligence)
  • Participer à l’animation de la communauté interne de partage de connaissances

FAQs

What is the primary responsibility of the Auditeur Expérimenté en Cyber Sécurité at EY?

The primary responsibility includes participating in security missions (Red Team and Purple Team), conducting security audits, and supporting the development and improvement of tools and frameworks.

What kind of experience is required for this position?

A significant experience of at least 3 years in penetration testing or application security is required.

Is there a specific educational background needed for this role?

Yes, candidates should have a higher education degree with a specialization in information security.

Are there opportunities for professional development?

Yes, employees have the opportunity to participate in specialized cybersecurity training and pursue certification courses throughout their career at EY Cyber.

Is proficiency in English necessary for this position?

Yes, a fluent level of English, both oral and written, is required.

What qualifications or certifications are preferred for applicants?

Candidates should ideally be comfortable with at least one automation language (e.g., Bash, Powershell, Python, Go) and hold certifications such as SANS GCPN/GPEN/GXPN/GWAPT, Offensive Security OSCP, OSCE, or OSWE.

How does the recruitment process at EY work?

The recruitment process typically consists of four stages of interviews (HR, operational, Partner) and may include a technical test.

Does EY offer any benefits to its employees?

Yes, EY provides a comprehensive package including an annual discretionary bonus, participation bonuses, reduced working time (RTT), advantageous health insurance, meal vouchers, and reimbursement for public transport up to 75%.

Are there opportunities for team collaboration in this role?

Yes, the role involves participating in mentoring junior team members and contributing to the internal knowledge-sharing community.

Is there a focus on corporate social responsibility at EY?

Yes, EY places a strong emphasis on Corporate Social Responsibility and aims to evolve its internal practices to promote sustainability and inclusion.

Accounting
Industry
1-10
Employees

Mission & Purpose

EY exists to build a better working world, helping create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Find out more about the EY global network http://ey.com/en_gl/legal-statement