Offensive Security Analyst
Ernst & Young Oman
The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key role in evaluating and reducing EY’s digital exposure through hands‑on penetration testing and adversarial simulation. Working under the guidance of the Exposure Management Lead, you will identify, assess and help mitigate vulnerabilities across EY’s global attack surface. This role goes beyond traditional scanning by actively emulating threat actors, performing penetration testing and assessing the true impact of security weaknesses. Your responsibilities will include supporting the validation of third‑party risk assessments, identifying misconfigurations and exposed assets, and ensuring security standards are applied across EY’s digital ecosystem. You will also contribute to strengthening Continuous Threat Exposure Management and Attack Surface Management efforts by providing actionable insights that improve proactive defense and reduce overall business risk. Your key responsibilities The Analyst will apply offensive security techniques to assess EY’s external and internal attack surface, identifying vulnerabilities across web applications, APIs, cloud environments, networks, and infrastructure. This includes testing proof‑of‑concepts to validate exploitability and determine real‑world impact. The role involves emulating adversary tactics to test detection and response capabilities, as well as conducting reconnaissance and asset discovery to uncover unmanaged or exposed assets. The candidate will support third‑party and supply chain risk validation efforts by reviewing assessments or conducting targeted testing where required. Collaborating closely with security engineering, blue teams and business stakeholders, the analyst will help prioritize remediation efforts based on risk severity and exploitability. Additionally, the role will contribute to enhancing processes, playbooks and reporting standards within the Vulnerability Discovery and offensive security functions. Skills and attributes for success Capability to identify and exploit vulnerabilities beyond automated scanning tools like Qualys, Nessus etc. Strong attention to detail with a methodical approach to identifying complex attack paths Critical thinking and analytical skills to evaluate vulnerabilities in a business risk context Ability to manage high volumes of testing requests without compromising depth or quality Flexibility to work across diverse technologies, including cloud, applications and infrastructure Effective communication skills to convey technical findings to both technical and non‑technical audiences Familiarity with research techniques and threat intelligence to support proactive risk identification To qualify for the role you must have A minimum of 4 years of experience in penetration testing, red teaming, purple teaming or offensive security Hands‑on experience testing applications, APIs, cloud environments and network infrastructure Strong understanding of common vulnerability classes such as OWASP Top 10 and exploitation techniques Familiarity with offensive security methodologies and frameworks Experience supporting or performing third‑party risk assessments Strong analytical and problem‑solving skills with the ability to prioritize risks effectively Strong communication and stakeholder management skills Ideally, you’ll also have OWASP training Incident response experience What we look for We are looking for a developing Offensive Security Analyst that can operate with supervision and bring new approaches to discovering and evaluating the business’s externally‑exposed vulnerabilities. We are seeking a seasoned analyst to improve the organization’s ability to reduce the attack surface while enabling the business. The ideal candidate will seek to improve others while continuously learning and identifying ways to strengthen the organization. What we offer you We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is 76,400 to 138,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is 91,700 to 157,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team‑led and leader‑enabled hybrid model. Our expectation is for most people in external, client‑serving roles to work together in person 40‑60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial and emotional well‑being. EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at View email address on click.appcast.io. #J-18808-Ljbffr Ernst & Young Oman
$76.4k - $138.6k
...central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost... ...to market and business value. The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key...SuggestedSummer holidayLocal areaFlexible hours- Ernst & Young Oman is looking for an Offensive Security Analyst to join the Attack Surface Management team. You will be responsible for evaluating and reducing EY’s digital exposure through penetration testing and adversarial simulations. This role requires a minimum of...Suggested
$40 - $44 per hour
...Direct message the job poster from Gentis Solutions Sailpoint Analyst Duration: 6-Month Contract-to-Perm Rate: $40-$44/hour | Equivalent... ...the Role Our client is seeking a highly skilled SailPoint Jr. Security Analyst for a hybrid role based in Columbus, OH. This position...SuggestedPermanent employmentFull timeContract workWork experience placementWork at officeImmediate start- Insight Global is seeking a UAA Information Security Analyst in Columbus, Ohio, responsible for monitoring access requests and incidents to ensure compliance with security standards. This role involves providing technical assistance to colleagues regarding access needs...Suggested
- VigorCare Pediatric Services is seeking a highly skilled and experienced Security Analyst to join our team in Columbus, Ohio. As a Security Analyst, you will be responsible for ensuring the security and integrity of our company's information systems and data. Key Responsibilities...Suggested
$40 - $50 per hour
...Job Title: IT Security Analyst – Junior Location: Columbus, OH (Hybrid – 3 days onsite per week, Thursday required) Duration: 1-Year Contract (Contract-to-Hire) Rate: $40 - $50/hr (W2) Work Authorization: Must be authorized to work in the United States. Sponsorship...Contract workH1bLocal area3 days per week- ...Description M1 Global is seeking an SOC Analyst who views security as a core component of operational excellence. This role serves as a centralized hub for physical security operations, responsible for real-time alarm monitoring, incident triage, and coordinated response...Night shiftRotating shift
- ...Description M1 Global is seeking an SOC Analyst who views security as a core component of operational excellence. This role serves as a centralized hub for physical security operations, responsible for real-time alarm monitoring, incident triage, and coordinated...Night shiftRotating shift
$24 - $25 per hour
...Security Operations Center (SOC) Analyst - M1 Global Show All Jobs Apply Show Map Location Main, Columbus, OH, 43210, United States Base Pay $24.00 - $25.00 / Hour Job Category Free Snacks, 2 Weeks PTO, Full-Time Industry Security, Data Center, Tech...Full timeNight shiftRotating shift$24 - $25 per hour
...Main, Columbus, OH, 43210, United States Base Pay $24.00 - $25.00 / Hour Job Category Free Snacks, 2 Weeks PTO, Full-Time Industry Security, Data Center, Tech Required Degree High school Manage Others No Contact Information Name Reshma Bhatnagar...Full time$75k - $112k
...manager to understand workplace expectations and ensure the role aligns with their goals. Monday - Friday: 8:00 - 4:30 pm As a Security Analyst within PNC's SEC DEF SECURITY FUSION CENTER organization, you will be based in Birmingham, AL, Pittsburgh, PA, Columbus, OH....Full timeTemporary workPart timeWork experience placementWork at officeMonday to Friday- ...contingent resource assignment, you may: Consult on or participate in moderately complex initiatives and deliverables within Information Security Analysis and contribute to large-scale planning related to Information Security Analysis deliverables. Review and analyze...For contractors
- ...Outstanding long-term contract opportunity! A well-known Financial Services Company is looking for a Information Security Analyst in Columbus, OH (Hybrid). Work with the brightest minds at one of the largest financial institutions in the world. This is a long-term contract...Long term contractContract work
- A technology consulting firm in Columbus, OH, is looking for a Junior IT Security Analyst. This hybrid role requires support for IAM and PAM initiatives while developing automation scripts and providing operational support. Candidates should have 2-3 years of relevant...3 days per week
- An innovative firm is seeking a Junior IT Security Analyst to enhance their security operations. This role offers a unique opportunity to work in a hybrid environment, balancing in-office collaboration with remote flexibility. You will engage with various teams to support...Contract workWork at officeRemote work
$45 - $50 per hour
Job Title: Junior IT Security Analyst Location: Columbus, OH Hybrid: In office on Tuesdays and Wednesdays, remote on Monday, Thursday, and Friday Duration: 04/01/2025 - 03/31/2026 (Contract to Hire) Rate: $45 - $50/hour Contract Type: W-2 only, no visa sponsorships or...Contract workWork at officeRemote workVisa sponsorshipMonday to Friday$106.44k - $138.37k
Job Position Position will be filled at any of the locations listed below. Site specific salary information as follows: Battle Creek, MI: $106,437 - $138,370 Columbus, OH: $111,065- $144,386 Dayton, OH: $110,401- $143,523 Fort Belvoir, VA: $121,785- $158...- ...protocols, application and data services that traverse DOD networks connected to the Global Information Grid (GIG). Aids in Enterprise security declaration, readiness, and sustainment services for Information Technology (IT) technical vulnerabilities in support of...
- VigorCare Pediatric Services is seeking a highly skilled and experienced Security Analyst to join our team in Columbus, Ohio. As a Security Analyst, you will ensure the security and integrity of our company's information systems and data. You will monitor security logs...
- Job Description UAA Information Security Analyst The User Access Administrator role will monitor Request and Incident queues. Provide technical advice/assistance to our fellow colleagues and contractors for their access needs. May attend meetings representing UAA with...For contractorsFlexible hours
- ...to deliver excellent service to our clients, colleagues, and the communities we serve. About the Role We are currently seeking a Security Architect to shape and advance the firm’s enterprise security architecture, lead the implementation of modern security frameworks...Temporary workFor contractorsRemote work
- Teradata Corporation (SE) is seeking a Compliance Analyst to support its security compliance programs for global cloud offerings. The successful candidate will help maintain key certifications such as FedRAMP and SOC, while assisting with audits and compliance initiatives...Remote work
$87.63k - $177.5k
...the posting end date. Job Summary Responsible for large-scale security assignments providing direction to other team members. Responsible... ...response workflows, and improve overall security posture. The analyst will work closely with SOC analysts, detection engineering, and...Full timeWork experience placement$78.9k - $123.3k
...system authorization and continuous monitoring activities within a Federal environment. This role is responsible for managing the security authorization lifecycle for one or more information systems, ensuring compliance with Federal cybersecurity requirements, and maintaining...Permanent employmentFull timePart timeWork at officeLocal areaRemote work$24 - $25 per hour
Job Title Location Main, New Albany, OH, 43054, United States Base Pay $24.00 - $25.00 / Hour Job Category Free Snacks, 2 Weeks PTO, Full-Time Industry Security, Tech, Data Center Required Degree High school Manage Others NoFull time- ...compliance, CBC Companies delivers high quality products and services to help our customers manage risk. About the Role: Information Security Analyst supports enterprise risk management and third‑party risk management (TPRM) initiatives by identifying, assessing, and...Temporary workWork at officeLocal area
- Robotics Process Automation, LLC in Dublin, Ohio, seeks candidates with hands-on experience in cloud security and compliance analytics platforms like Wiz and Tanium. The ideal candidate will possess strong project management skills and a thorough understanding of compliance...
- A technology company based in Dublin, Ohio, is looking for qualified candidates proficient in cloud security compliance analytics. The ideal candidate will demonstrate strong project management skills, a solid understanding of File Integrity Monitoring (FIM), and expertise...
$35 - $55 per hour
...Job Description Job Description Job Title: Physical Security Systems Audit & Data Analyst Location: Columbus, OH (Hybrid: 3 times a week Tuesday - Thursday) Duration: 1-Year Contract-to-Hire Rate: $35 – $55/hr (W2) Work Authorization: Must be authorized...Contract workWork at office- A leading technology firm in Dublin, Ohio, is seeking a candidate with hands-on experience in cloud security platforms like Wiz and Tanium to join their team. The ideal applicant will have a strong understanding of compliance frameworks, excellent communication skills,...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Offensive Security Analyst. Be the first to apply!
- security analyst remote Columbus, OH
- information security compliance analyst Columbus, OH
- cloud security analyst Columbus, OH
- rate analyst Columbus, OH
- senior information security analyst Columbus, OH
- entry level information security analyst Columbus, OH
- security analyst intern Columbus, OH
- security analyst Columbus, OH
- security operations analyst Columbus, OH
- entry level security analyst Columbus, OH

