Senior Consultant - Tech Consulting - Cybersecurity - Penetration Testing - KSA - Saudi National EY
Location: Riyadh, Saudi Arabia
We’re looking for a senior consultant with hands‑on expertise in offensive security engagements to join our Cyber Technology Consulting team. This is a fantastic opportunity to be part of a leading firm.
Key Responsibilities
Execute advanced penetration testing, red team engagements, and adversary simulation exercises for enterprise and government clients.
Identify vulnerabilities, exploit them in controlled scenarios, and provide actionable recommendations to improve security posture.
Conduct penetration testing across web, mobile, APIs, cloud, and network environments (internal and external).
Execute red team and purple team operations, including social engineering, OSINT, and physical security assessments.
Perform secure code reviews, wireless security assessments, and application security consulting.
Develop and execute adversarial attack simulations leveraging commercial and open‑source frameworks (e.g., Cobalt Strike, Brute Ratel, NightHawk, Havoc, Mythic, Sliver, Merlin).
Stay updated with emerging cyber threats and incorporate findings into client engagements.
Develop detailed reports, articulate findings, and deliver actionable recommendations to technical teams and executives.
Support pre‑sales activities such as scoping, proposal writing, and client workshops.
Skills & Attributes for Success
Collaborate with the engagement team to plan the engagement and develop work program timelines, risk assessments, and supporting documents.
Interpret technical results and present insights to business stakeholders.
Strong analytical, problem‑solving, and critical‑thinking skills.
Excellent communication and collaboration skills.
Deep technical understanding of offensive security methodologies, including network penetration testing, web application testing, and adversary simulation.
Qualifications
Bachelor’s degree in computer science, cybersecurity, or related field.
4–6 years of hands‑on experience in penetration testing, red teaming, or exploit development.
Proficiency in at least two of: web/mobile/thick client testing; internal/external network testing; secure code review & application security consulting; wireless assessments; social engineering & red team assessments.
Understanding of two domains: common web technologies, application architecture, cloud platforms (AWS, Azure, GCP), networking, DevOps pipelines / CI/CD security.
Hands‑on expertise with offensive tools such as Burp Suite, Metasploit, BloodHound, Cobalt Strike, Sliver, Havoc.
Knowledge of MITRE ATT&CK, OWASP Top 10, NIST SP 800‑115, and red team methodologies.
Valid passport for travel.
Excellent communication skills and consulting mindset.
Preferred
Relevant cybersecurity certifications such as OSCP, OSCE, OSWE, OSEP, OSEE, GXPN, CRTO, SANS GWAPT, GPEN.
Experience in offensive security engagements and strong understanding of security frameworks and methodologies.
Benefits
Competitive compensation package.
Continuous learning; growth mindset development.
Transformative leadership, coaching, and confidence building.
Diverse and inclusive culture.
If you meet the criteria above, please contact us as soon as possible.
EY – Building a better working world