Offensive Security Analyst
Ernst & Young Oman
The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key role in evaluating and reducing EY’s digital exposure through hands‑on penetration testing and adversarial simulation. Working under the guidance of the Exposure Management Lead, you will identify, assess and help mitigate vulnerabilities across EY’s global attack surface. This role goes beyond traditional scanning by actively emulating threat actors, performing penetration testing and assessing the true impact of security weaknesses. Your responsibilities will include supporting the validation of third‑party risk assessments, identifying misconfigurations and exposed assets, and ensuring security standards are applied across EY’s digital ecosystem. You will also contribute to strengthening Continuous Threat Exposure Management and Attack Surface Management efforts by providing actionable insights that improve proactive defense and reduce overall business risk. Your key responsibilities The Analyst will apply offensive security techniques to assess EY’s external and internal attack surface, identifying vulnerabilities across web applications, APIs, cloud environments, networks, and infrastructure. This includes testing proof‑of‑concepts to validate exploitability and determine real‑world impact. The role involves emulating adversary tactics to test detection and response capabilities, as well as conducting reconnaissance and asset discovery to uncover unmanaged or exposed assets. The candidate will support third‑party and supply chain risk validation efforts by reviewing assessments or conducting targeted testing where required. Collaborating closely with security engineering, blue teams and business stakeholders, the analyst will help prioritize remediation efforts based on risk severity and exploitability. Additionally, the role will contribute to enhancing processes, playbooks and reporting standards within the Vulnerability Discovery and offensive security functions. Skills and attributes for success Capability to identify and exploit vulnerabilities beyond automated scanning tools like Qualys, Nessus etc. Strong attention to detail with a methodical approach to identifying complex attack paths Critical thinking and analytical skills to evaluate vulnerabilities in a business risk context Ability to manage high volumes of testing requests without compromising depth or quality Flexibility to work across diverse technologies, including cloud, applications and infrastructure Effective communication skills to convey technical findings to both technical and non‑technical audiences Familiarity with research techniques and threat intelligence to support proactive risk identification To qualify for the role you must have A minimum of 4 years of experience in penetration testing, red teaming, purple teaming or offensive security Hands‑on experience testing applications, APIs, cloud environments and network infrastructure Strong understanding of common vulnerability classes such as OWASP Top 10 and exploitation techniques Familiarity with offensive security methodologies and frameworks Experience supporting or performing third‑party risk assessments Strong analytical and problem‑solving skills with the ability to prioritize risks effectively Strong communication and stakeholder management skills Ideally, you’ll also have OWASP training Incident response experience What we look for We are looking for a developing Offensive Security Analyst that can operate with supervision and bring new approaches to discovering and evaluating the business’s externally‑exposed vulnerabilities. We are seeking a seasoned analyst to improve the organization’s ability to reduce the attack surface while enabling the business. The ideal candidate will seek to improve others while continuously learning and identifying ways to strengthen the organization. What we offer you We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is 76,400 to 138,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is 91,700 to 157,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team‑led and leader‑enabled hybrid model. Our expectation is for most people in external, client‑serving roles to work together in person 40‑60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial and emotional well‑being. EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at View email address on click.appcast.io. #J-18808-Ljbffr
$76.4k - $138.6k
...central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost... ...to market and business value. The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key...SuggestedSummer holidayLocal areaFlexible hours$72.4k - $108.6k
...part of projects that will define your career, now and in the future. Roles and Responsibilities Develops and administers physical security programs and procedures for classified or proprietary materials, documents, and equipment. Studies and implements federal security...SuggestedContract workWork at officeRemote workRelocationShift work$96.56k - $124.96k
...Join Dorsey's Information Security team as a GRC Information Security Systems Analyst to help safeguard our firm and clients by driving high-impact security initiatives across audits, risk, governance, and compliance. Reporting directly to the Information Security Systems...SuggestedContract workTemporary workCurrently hiringWork at officeWorldwideFlexible hours- ...Position Security Analyst Duration 1 year Location Sanit Paul, MN Job Description This role maintains visibility into potential threats and leads incident response efforts. It supports the protection of the confidentiality, integrity, and availability of Council systems...Suggested
$37.76 - $63.07 per hour
...have a valid driver’s license and be free of any major traffic violations for the last three (3) years. Desirable Qualifications Security+ GSEC (SANS GIAC Security Essentials). GCIH: (SANS GIAC Certified Incident Handler). Certified Ethical Hacker (CEH). Other technology...SuggestedHourly payWork at office$73.7k - $104.63k
...for overseeing the testing lifecycle, including the planning, test data preparation and execution. Responsible for providing cyber security guidance, identification, evaluation, design, development, implementation and integration of cyber security solutions, products...Full timeTemporary workFor contractors- ...Job Description The Associate Security Analyst - Cloud Vendor Risk Management supports security assessments of third-party cloud vendors within the Digital Security function. This role helps maintain and improve vendor risk management processes, with a strong focus on...Contract workInternshipWork at office
- ...The Thomson Reuters Information Security and Risk Management (ISRM) organization is seeking a Security Operations Analyst to join our growing global Security Operations Center (SOC). The candidate will join a team responsible for managing cybersecurity alerts, events,...Work at officeRemote workFlexible hoursShift work2 days per week3 days per week
$105k - $144k
ARMA International is seeking an experienced Information Security Assurance Analyst in Maple Grove, MN. This role focuses on strengthening cybersecurity governance and compliance efforts and emphasizes protecting critical systems and information assets. Candidates must...$78.9k - $123.3k
...system authorization and continuous monitoring activities within a Federal environment. This role is responsible for managing the security authorization lifecycle for one or more information systems, ensuring compliance with Federal cybersecurity requirements, and maintaining...Permanent employmentFull timePart timeWork at officeLocal areaRemote work$105k - $144k
Information Security Assurance Analyst Application due date: June 25, 2026 Location: Maple Grove, MN (Eligible for hybrid schedule in MN) Applicants must be authorized to work in the U.S. without restriction. Visa sponsorship is not available. Ability to obtain and...$105k - $144k
Duck River Electric Membership Corporation is looking for an experienced Information Security Assurance Analyst to bolster cybersecurity governance and compliance efforts. You will protect critical systems, contribute to regulatory compliance, and strengthen the electric...- Apex Systems is looking for a Business Analyst for a 9-month engagement to support infrastructure-focused security initiatives in Hopkins, Minnesota. The ideal candidate will analyze current processes and drive improvements to enhance governance and operational consistency...
$50 - $62 per hour
KellyMitchell Group is seeking a Business Process Analyst to support infrastructure-focused security initiatives in a hybrid work environment based in Hopkins, MN. This role involves analyzing processes, identifying gaps, and driving improvements within an enterprise technology...Hourly payContract work$24.18 - $32.21 per hour
...of your career. Try new things, learn new skills and discover what you excel at—all from Day One. Job Description As a Security Master & Pricing Analyst you'll play an important role in supporting the security master and pricing functions within U.S. Bancorp Investments...Full timeTemporary workWork experience placementWork at officeLocal area3 days per week$152k - $220k
...emulation exercises, including both stealth and overt operations.The Director will shape an automation-first and intelligence-driven offensive security program, leveraging AI-enabled operations, testing orchestration, attack simulation, data-driven prioritization, and...Permanent employmentContract workRemote workRelocation package$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...Hourly payContract workFor contractorsWork experience placementRemote work- ...Overview Work with the best! Per Mar Security, an industry leader in providing integrated security solutions, is seeking hardworking, motivated people. Established in 1953, Per Mar Security Services is the largest, family-owned, full-service security company in the Midwest...Full timeLocal areaImmediate startShift work
- ..., enforces State laws and City ordinances, and protects life and property. Assists in investigating and/or preventing criminal offenses, accidents, and other problem areas. Apprehends and controls offenders. Responds to medical emergencies and applying appropriate...Full timeTemporary workImmediate startRemote workFlexible hours
$86.59k - $112.17k
...current Restraining or Harassment Order of Protection? (MPD Standard) Yes No 08 List all of your criminal offenses in the last 10 years including if you were listed as a suspect and never charged. If so, list why, when, and the outcome (also are...Full timeTrial periodVisa sponsorshipWork visaFlexible hoursShift work$21.3 - $24 per hour
...Information $1.00 per hour overnight differential, Overnight Shift Preferred Job Number 26078057 Job Category Loss Prevention & Security Location 30 S 7th St, Minneapolis, Minnesota, United States, 55402 VIEW ON MAP ( Schedule Full Time Located Remotely? N...Hourly payFull timeWork experience placementRemote workShift workNight shift- Cyber Advisors is seeking a Senior Specialist for their Offensive Security team to lead and execute penetration tests. This fully remote position allows you to ensure the safety of our clients by uncovering vulnerabilities before adversaries do. The ideal candidate will...Remote job
$20 per hour
...Join a Global Leader in Aviation Security! ACTS Airport Services has immediate full-time openings for Aviation Security Officers for our 1st shift at the Minneapolis/St. Paul International Airport. The shift time is: 6:00am - 2:00pm. ACTS offers competitive wages and...Hourly payFull timeContract workLocal areaImmediate startShift workNight shiftWeekend workDay shiftAfternoon shift$15 - $20.4 per hour
...with peers and supervisors to accomplish tasks ~ Able to work a flexible schedule to support business needs ~0-2 years retail or security experience Benefits include: Associate discount; EAP; smoking cessation; bereavement; 401(k) Associate contributions;...Hourly payTemporary workLocal areaHome officeFlexible hours- ...Security Assistant Major duties and responsibilities include: Physical Security Support: monitors and responds to alarms; traces access patterns, programming, assigns or removes user permissions, and remotely opens and secures doors during routine and emergency...Full timeLocal areaRemote workRelocation packageShift work
- ...Summary This position serves as the Security Assistant for Police Service within the Minneapolis, Minnesota Veterans Health Administration (VHA) with a primary purpose to monitor physical security equipment and systems. Major duties and responsibilities include: ** This...Full timePart timeSeasonal workWork at officeLocal areaRemote workRelocation packageShift workRotating shift
$66k - $89k
...offers a career-defining opportunity. Job Summary Wipfli Corporate Finance Advisors, LLC is looking for a talented and highly-motivated Analyst to join its team in the Twin Cities office. WCF is the investment banking and corporate finance arm of Wipfli Advisory LLC,...Temporary workWork at officeLocal areaFlexible hours- ...families, private equity firms, and other private business owners. As our M&A practice continues to grow rapidly, we are expanding our analyst classes and are looking for first-year and second-year Investment Banking Analysts to join our team in Minneapolis, MN, with an...Full timeInternshipImmediate start
$115k - $130k
Job Duties STG- Reserving - Senior Actuarial Consultant Locations: Chicago, New York, New York, Bloomington MN Aon's Strategy and Technology Group (STG) are seeking an experienced actuarial student to join their team and help to accelerate the development of their...Full timeTemporary workPart timeLocal areaShift work- ...Security Assistant This position serves as the Security Assistant for Police Service within the Minneapolis, Minnesota Veterans Health Administration (VHA) with a primary purpose to monitor physical security equipment and systems. Major duties and responsibilities...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Offensive Security Analyst. Be the first to apply!
- entry level information security analyst Minneapolis, MN
- senior information security analyst Minneapolis, MN
- security advisor Minneapolis, MN
- security coordinator Minneapolis, MN
- security specialist Minneapolis, MN
- network security consultant Minneapolis, MN
- security systems specialist Minneapolis, MN
- security consultant Minneapolis, MN
- security policy analyst
- security operations analyst


