Company logo for Ernst & Young LLP

Senior Application Security Engineer (DAST / SAST)

Ernst & Young LLP
Atlanta, GA 30301
Posted 60+ days ago

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

Cyber Managed Services - Application Security Engineer - Senior Analyst

Clients worldwide look to our Cybersecurity Managed Services team to provide 24x7 support for a company's environment. Our consultants and analysts work in conjunction with our client teams to identify and resolve potential issues long before they even happen. As senior analysts on our threat intelligence team, you'll be right at the heart of that mission, using your experience to manage tools and technologies in an ever-changing environment. Working closely with consultants across the business you'll help define the future of threat detection for our clients.

The Opportunity

In EY's Cyber Center based in Dallas, Texas or Alpharetta, GA, there is no such thing as a typical day - every day brings forth new objectives and challenges to solve. We are seeking experienced analysts keen to support our client challenges and provide exceptional client service

As an Application Security Engineer, you will play a critical role in providing the quality support services to organizations managing their environment. We look for individuals who have a passion for identifying and fixing vulnerabilities in software and applications. You can expect to work across multiple industries, support complex environments, and develop key client relationships.

Your Key Responsibilities

  • Support center services with dynamic application security testing including troubleshooting, task scheduling, and continuous process improvement
  • Interface with our clients and work with offshore teams to execute dynamic testing and triaging
  • Assist and lead continuous process and quality improvement initiatives
  • Develop metrics (e.g., tracking, dashboards, aggregation of data) associated with monthly and quarterly reporting
  • Develop and deliver meaningful hands-on training for our clients and internal teams.

Skills and Attributes for Success

  • Supporting a wide range of threat exposures services, including web, application, software security, vulnerability management and testing
  • Staying informed on the latest industry and trends, risks and opportunities, especially regarding vendors and competitors
  • Communicating issues and escalating where necessary to promote collaboration, innovation and timely service
  • Build trusted relationships with client stakeholders.
  • Collaboration with global team members

To qualify for the role you must have

  • A bachelor's degree in Information Systems, Computer Science, Cybersecurity, or related field
  • Three to five years of work experience in dynamic application security testing to configure/analyze/troubleshoot scans
  • Direct experience in Tier 2/3 application security including scripting and automation associated with DAST tools
  • Troubleshooting experience such as looking at stack trace and logs
  • Understanding of web application and web services architecture
  • Knowledge and understanding of security vulnerability including OWASP 10
  • Work with scanning tools such as WebInspect, Fortify Software Security Center, Qualys, Acunetix, and Burp
  • Skills to combine sound technical and security principles with a problem solving approach
  • Foresight to prioritize effectively when working on multiple projects, often with strict deadlines

Ideally, you'll also have

  • Experience preparing SQL statements with MySQL, SQL server, Access
  • Experience with build environments/tools (e.g., VSTS, Jenkins, Maven, GIT)
  • Experience with postman and swagger for REST API and RESTful web services testing using DAST tools
  • Experience with ticketing and workflow tools like ServiceNow, Archer, Jira
  • Knowledge of automation frameworks - preferably Selenium
  • SANS associated certs and training
  • Other security/IT community certifications a plus - preferably CISSP

What we look for

We're most interested in your attention to detail, and ability to deliver high quality work every time. A drive to provide high quality client service support is key to success at EY.

What working at EY offers

We offer a competitive compensation package where you'll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, both pension and 401(k) plans, a minimum of 22 days of vacation plus ten observed holidays and three paid personal days, and a range of programs and benefits designed to support your physical, financial and social well-being. Plus, we offer:

  • Support, coaching and feedback from some of the most engaging colleagues around
  • Opportunities to develop new skills and progress your career
  • The freedom and flexibility to handle your role in a way that's right for you

About EY

As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Build your legacy with us.

Apply now.

Responsibilities, Qualifications, Certifications - External

EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

CYBERFY22

What we offer

We offer a competitive compensation package where you'll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

  • Continuous learning: You'll develop the mindset and skills to navigate whatever comes next.
  • Success as defined by you: We'll provide the tools and flexibility, so you can make a meaningful impact, your way.
  • Transformative leadership: We'll give you the insights, coaching and confidence to be the leader the world needs.
  • Diverse and inclusive culture: You'll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

The exceptional EY experience. It's yours to build.

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.

EY is committed to providing reasonable accommodation to individuals with disabilities. If you are a qualified individual with a disability and either need assistance applying online or need to request an accommodation during the interview process, please call 1-800-EY-HELP3, type Option 2 (HR-related inquiries) and then type Option 1 (HR Shared Services Center), which will route you to EY's Talent Shared Services Team or email SSC Customer Support at ssc.customersupport@ey.com.

Apply