Offensive Security Analyst
Ernst & Young Oman
The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key role in evaluating and reducing EY’s digital exposure through hands‑on penetration testing and adversarial simulation. Working under the guidance of the Exposure Management Lead, you will identify, assess and help mitigate vulnerabilities across EY’s global attack surface. This role goes beyond traditional scanning by actively emulating threat actors, performing penetration testing and assessing the true impact of security weaknesses. Your responsibilities will include supporting the validation of third‑party risk assessments, identifying misconfigurations and exposed assets, and ensuring security standards are applied across EY’s digital ecosystem. You will also contribute to strengthening Continuous Threat Exposure Management and Attack Surface Management efforts by providing actionable insights that improve proactive defense and reduce overall business risk. Your key responsibilities The Analyst will apply offensive security techniques to assess EY’s external and internal attack surface, identifying vulnerabilities across web applications, APIs, cloud environments, networks, and infrastructure. This includes testing proof‑of‑concepts to validate exploitability and determine real‑world impact. The role involves emulating adversary tactics to test detection and response capabilities, as well as conducting reconnaissance and asset discovery to uncover unmanaged or exposed assets. The candidate will support third‑party and supply chain risk validation efforts by reviewing assessments or conducting targeted testing where required. Collaborating closely with security engineering, blue teams and business stakeholders, the analyst will help prioritize remediation efforts based on risk severity and exploitability. Additionally, the role will contribute to enhancing processes, playbooks and reporting standards within the Vulnerability Discovery and offensive security functions. Skills and attributes for success Capability to identify and exploit vulnerabilities beyond automated scanning tools like Qualys, Nessus etc. Strong attention to detail with a methodical approach to identifying complex attack paths Critical thinking and analytical skills to evaluate vulnerabilities in a business risk context Ability to manage high volumes of testing requests without compromising depth or quality Flexibility to work across diverse technologies, including cloud, applications and infrastructure Effective communication skills to convey technical findings to both technical and non‑technical audiences Familiarity with research techniques and threat intelligence to support proactive risk identification To qualify for the role you must have A minimum of 4 years of experience in penetration testing, red teaming, purple teaming or offensive security Hands‑on experience testing applications, APIs, cloud environments and network infrastructure Strong understanding of common vulnerability classes such as OWASP Top 10 and exploitation techniques Familiarity with offensive security methodologies and frameworks Experience supporting or performing third‑party risk assessments Strong analytical and problem‑solving skills with the ability to prioritize risks effectively Strong communication and stakeholder management skills Ideally, you’ll also have OWASP training Incident response experience What we look for We are looking for a developing Offensive Security Analyst that can operate with supervision and bring new approaches to discovering and evaluating the business’s externally‑exposed vulnerabilities. We are seeking a seasoned analyst to improve the organization’s ability to reduce the attack surface while enabling the business. The ideal candidate will seek to improve others while continuously learning and identifying ways to strengthen the organization. What we offer you We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is 76,400 to 138,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is 91,700 to 157,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team‑led and leader‑enabled hybrid model. Our expectation is for most people in external, client‑serving roles to work together in person 40‑60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial and emotional well‑being. EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at View email address on click.appcast.io. #J-18808-Ljbffr Ernst & Young Oman
$76.4k - $138.6k
...central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost... ...protect the EY brand and build client trust. Opportunity As an Offensive Security Analyst on the Vulnerability Management team, you will play a...SuggestedSummer holidayFlexible hours- Ernst & Young Oman is looking for an Offensive Security Analyst to assess and reduce digital exposure through penetration testing. You will identify vulnerabilities across web applications, APIs, and networks while collaborating with various teams to improve security standards...Suggested
- ...Job Description: The Security Analyst will be tending to security requests for field and corporate offices. They will also oversee 280+ locations where we manage the standardized camera systems. Must be able to identify and analyze problems when security cameras are not...SuggestedLocal area
- ...communication to appropriately engage with colleagues and vendors. Security incident investigation and management. Identify and analyze... ...review of incidents Job Description: The Security Analyst will be tending to security requests for field and corporate offices...SuggestedLocal area
- ...residents of 15 counties in Illinois and Wisconsin. Job Description Reports to CISO and works with a team of Cyber Security specialists. The Cyber Security Analyst is responsible for identifying risks to the confidentiality, integrity, and availability of our clients...SuggestedWeekend work
- As part of the Security and Network Operations Command Center staff you will be instrumental in supporting customers as part of our managed services and support offerings. All staff will be placed in our on‑the‑job career development program that will allow you to increase...Work experience placementCurrently hiringWork at officeNight shiftDay shiftAfternoon shift
- MVM, Inc. is seeking an International Mail Analyst in Chicago, IL. This part-time role involves supporting inspection service programs related to international mail control and security. The ideal candidate will communicate effectively, demonstrate research proficiencies...Part time
$10 - $15 per hour
...Applicants outside US are encouraged to apply Position: SAP Security Analyst Rate: $10-15 (Depending on your experience) Work Authorization: Any Location: 100% Remote Job Summary SAP security troubleshooting and end user support Experience in GRC...Remote work- ...defined by investigations team lead. Responsibility: ~ Analysts are expected to stay up-to-date on the latest intelligence,... ...fraud methodologies, in order to anticipate new trends. Required Skills : Network Security Additional Skills : Security Analyst
- Philadelphia Company is seeking an IT Security Analyst Tier 2 for its Security Operations Center in Chicago. The role involves investigating incidents, monitoring networks for threats, and collaborating with various teams to enhance security measures. The ideal candidate...
$120.14k
Senior Security Analyst Department: Technology & Innovation, Division: Security Division Positions: 1 (additional vacancies may be added) Not in Career Service Starting Salary: $120,144.00 (new hires are paid the starting rate; current employees are paid per title and...Monday to FridayFlexible hours- Nexum, Inc. is hiring for a Network Operations position in Chicago, which involves supporting customers in network surveillance and technical issues. Candidates should have an associate degree and relevant certifications such as CCNA or CompTIA, with a strong emphasis on...Night shift
$77.4k - $135.4k
Overview In this role, you will serve as a central coordinator for Security demand intake and work management across the enterprise. The Security Demand Analyst plays a key role in enhancing the operational effectiveness of the Information Security organization by managing...- Senior Security Analyst Job Number: 419477 Department: Department of Technology & Innovation, Security Division Position: 1 Days: Monday - Friday Under immediate supervision, the role functions at an advanced level assisting in the administration of IT security services...Immediate startMonday to Friday
- The City of Chicago is hiring a Senior Security Analyst to enhance IT security services across its network. You will oversee application security, manage tools, and conduct risk assessments. Ideal candidates have extensive experience in information security and relevant...
- A technology solutions company is seeking a remote SAP Security Analyst. The role involves troubleshooting SAP security, supporting projects at various stages, and designing new authorization concepts. Candidates should have experience with SAP security, GRC access control...Remote job
$100k - $141.3k
Bank of America is seeking a Cybersecurity Analyst in Chicago, IL, focusing on Unix/Linux systems security. The ideal candidate has 3+ years of experience with strong Unix/Linux knowledge and is responsible for implementing configuration monitoring controls and collaborating...- ...needs. We’re committed to excelling at our job so you can focus on doing yours. Job Description Summary We are seeking an IT Security Analyst Tier 2 for the Security Operations Center (SOC) to conduct investigations of and responses to, incidents that occur on the...
$77.4k - $135.4k
Vizient, Inc. is looking for a Security Demand Analyst in Chicago, IL. The role involves coordinating Security demand intake and management across the enterprise. You will liaise with business stakeholders and facilitate collaboration among teams to ensure requests are...- Motorola Solutions in Chicago is looking for a Business Operations Analyst for the Video Security & Access Control and Mobile Video organizations. This role is pivotal in acting as a liaison between teams and ensuring all orders are shipped as promised. The ideal candidate...
$96.7k - $148.1k
Constellation Brands seeks a Sr. Information Security Analyst in Chicago, IL, responsible for monitoring cybersecurity threats, providing escalation support, and mentoring SOC analysts. The ideal candidate has a Bachelor's in Cybersecurity or related field, at least 5...Full time- Ascent InfoSec is seeking a skilled security professional in Chicago, Illinois, to manage McAfee security solutions, analyze security incidents, and respond to alerts. The ideal candidate will have at least 3 years of experience with McAfee technologies, including ePO...
$57.4k - $86.2k
Northern Trust Corp is seeking an Analyst for Securities Lending operations in Chicago, IL. In this role, you will handle various transactions and ensure timely processing in a fast-paced environment. The successful candidate will have a college degree and strong communication...- ...position, reporting to the Director, Infrastructure, Operations, and Security will strategically and tactically lead the overall defining,... ...security posture and response capability. The security analyst will perform routine system intrusion testing, monitoring of security...Flexible hours
- Insight Global is seeking a Security Analyst who will manage security camera systems for over 280 locations, ensuring they perform optimally. You will troubleshoot any issues that arise, communicate with both field and corporate teams, and coordinate with vendors for service...
- Alignerr is seeking a Security Operations Analyst (AI Training) to evaluate and improve AI systems for modern SOC environments. This role requires expertise in threat detection, alert triage, and incident response while working with leading research labs to develop next...Remote jobFlexible hours
$100k - $141.3k
Koitecc Solutions is seeking a Cybersecurity Analyst based in Chicago, IL. This role focuses on implementing configuration monitoring controls and ensuring Unix/Linux products are securely configured. The ideal candidate will have over 3 years of experience with Unix/Linux...- Key Functions & Required Skills Analyzing root causes of security incidents and alerts. Monitor, escape and respond to security events. Manage McAfee security technologies and solutions, especially ePO, Web Gateway, DLP, IPS, Vulnerability Manager, ATD and TIE. Day...
$96.7k - $148.1k
Sr. Information Security Analyst page is loaded## Sr. Information Security Analystlocations: Rochester, New York: Chicago, Illinois: San Antonio, Texastime type: Full timeposted on: Posted Todayjob requisition id: R-40050**Job Description****Role Summary**The Senior Information...Minimum wageFull timeRemote workShift work$88k - $124k
IG Compliance & Security Analyst Cooley is seeking an IG Compliance & Security Analyst to join the Information Governance & Data Privacy team. Position summary Cooley Information Services (IS) embraces a culture of customer service excellence and all members of the department...Full timeTemporary workWork experience placementFlexible hoursWeekend work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Offensive Security Analyst. Be the first to apply!
- security analyst remote Chicago, IL
- information security compliance analyst Chicago, IL
- cloud security analyst Chicago, IL
- rate analyst Chicago, IL
- senior information security analyst Chicago, IL
- entry level information security analyst Chicago, IL
- security analyst intern Chicago, IL
- security analyst Chicago, IL
- security operations analyst Chicago, IL
- entry level security analyst Chicago, IL

