Offensive Security Analyst
Ernst & Young Oman
The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key role in evaluating and reducing EY’s digital exposure through hands‑on penetration testing and adversarial simulation. Working under the guidance of the Exposure Management Lead, you will identify, assess and help mitigate vulnerabilities across EY’s global attack surface. This role goes beyond traditional scanning by actively emulating threat actors, performing penetration testing and assessing the true impact of security weaknesses. Your responsibilities will include supporting the validation of third‑party risk assessments, identifying misconfigurations and exposed assets, and ensuring security standards are applied across EY’s digital ecosystem. You will also contribute to strengthening Continuous Threat Exposure Management and Attack Surface Management efforts by providing actionable insights that improve proactive defense and reduce overall business risk. Your key responsibilities The Analyst will apply offensive security techniques to assess EY’s external and internal attack surface, identifying vulnerabilities across web applications, APIs, cloud environments, networks, and infrastructure. This includes testing proof‑of‑concepts to validate exploitability and determine real‑world impact. The role involves emulating adversary tactics to test detection and response capabilities, as well as conducting reconnaissance and asset discovery to uncover unmanaged or exposed assets. The candidate will support third‑party and supply chain risk validation efforts by reviewing assessments or conducting targeted testing where required. Collaborating closely with security engineering, blue teams and business stakeholders, the analyst will help prioritize remediation efforts based on risk severity and exploitability. Additionally, the role will contribute to enhancing processes, playbooks and reporting standards within the Vulnerability Discovery and offensive security functions. Skills and attributes for success Capability to identify and exploit vulnerabilities beyond automated scanning tools like Qualys, Nessus etc. Strong attention to detail with a methodical approach to identifying complex attack paths Critical thinking and analytical skills to evaluate vulnerabilities in a business risk context Ability to manage high volumes of testing requests without compromising depth or quality Flexibility to work across diverse technologies, including cloud, applications and infrastructure Effective communication skills to convey technical findings to both technical and non‑technical audiences Familiarity with research techniques and threat intelligence to support proactive risk identification To qualify for the role you must have A minimum of 4 years of experience in penetration testing, red teaming, purple teaming or offensive security Hands‑on experience testing applications, APIs, cloud environments and network infrastructure Strong understanding of common vulnerability classes such as OWASP Top 10 and exploitation techniques Familiarity with offensive security methodologies and frameworks Experience supporting or performing third‑party risk assessments Strong analytical and problem‑solving skills with the ability to prioritize risks effectively Strong communication and stakeholder management skills Ideally, you’ll also have OWASP training Incident response experience What we look for We are looking for a developing Offensive Security Analyst that can operate with supervision and bring new approaches to discovering and evaluating the business’s externally‑exposed vulnerabilities. We are seeking a seasoned analyst to improve the organization’s ability to reduce the attack surface while enabling the business. The ideal candidate will seek to improve others while continuously learning and identifying ways to strengthen the organization. What we offer you We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is 76,400 to 138,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is 91,700 to 157,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team‑led and leader‑enabled hybrid model. Our expectation is for most people in external, client‑serving roles to work together in person 40‑60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial and emotional well‑being. EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at View email address on click.appcast.io. #J-18808-Ljbffr
$76.4k - $138.6k
...central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost... ...to market and business value. The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key...SuggestedSummer holidayLocal areaFlexible hours- Ernst & Young Oman is looking for an Offensive Security Analyst to evaluate and improve our digital security posture. You will be responsible for conducting penetration tests, exploring vulnerabilities, and assisting with risk validation efforts across the organization...Suggested
$85k
Summary The Senior Security Operations Center Analyst will be responsible for planning and implementing security measures to protect computer systems... ...more experience in information security administration, offensive tactics, monitoring, and IR. required Three (3) years...SuggestedWork at office- ...information with all team members. Willingness to subordinate individual goals for team goals. Proactively recommends solutions to security issues. Conducts HIPAA auditing and monitoring. Key information security contact for legal requests, legal holds, chain of custody...SuggestedWork at officeImmediate start
$40 per hour
A tech company is seeking experienced cybersecurity professionals to evaluate AI-generated security content and solve technical problems for advanced AI systems. This is a remote position that allows you to choose projects and work on your own schedule, with projects paid...SuggestedHourly payRemote work$30 per hour
...the Oracle Government, Defense & Intelligence team supporting Federal Compliance and Federal Sales Teams. The Information Security Compliance Analyst is expected to work with the GDI Performance Management team to ensure documentation, processes and policies up to date...Hourly payTemporary workInternshipFlexible hours- SUMMARY The IT Security Analyst II serves as the primary internal responder and a critical member of VSE’s cybersecurity defense team, responsible for proactive threat detection, in‑depth analysis, and end‑to‑end incident response. This hands‑on role owns the discovery...
$40 per hour
...company is seeking experienced cybersecurity professionals to join their team remotely. The role involves evaluating AI-generated security content and solving technical cybersecurity problems to enhance AI systems. Candidates should have over 2 years of hands-on cybersecurity...Remote jobHourly payFlexible hours$40 per hour
...firm specializing in AI is seeking experienced cybersecurity professionals for a flexible position aimed at evaluating AI-generated security content and solving technical problems. Candidates should have at least 2 years of cybersecurity experience, as well as some...Remote jobHourly payFlexible hours$40 per hour
...platform is looking for experienced cybersecurity professionals to help train AI models. The role involves evaluating AI-generated security content, solving cybersecurity problems, and providing feedback for improving AI systems. Candidates must have 2+ years of hands-...Remote jobHourly payFull timePart time$40 per hour
A leading AI cybersecurity firm is seeking experienced cybersecurity professionals to evaluate AI-generated content and solve technical problems. This role allows candidates to work remotely, providing flexibility to choose projects and hours. Ideal candidates will have...Remote jobHourly pay- VSE Aviation is seeking an IT Security Analyst II to enhance its cybersecurity defense team. This role focuses on proactive threat detection and incident response, collaborating with IT and security teams to minimize impact. The ideal candidate has a Bachelor's degree...
- Security Operations Center - SOC Analyst I # 595 Rocky Hill, CT, USA Job Description Posted Thursday, May 14, 2026 at 4:00 AM Who we are... As an industry-leading fintech provider, COCC delivers innovative, comprehensive technology solutions and strategic partnerships...Work experience placement
$40 per hour
A leading AI cybersecurity firm is seeking experienced cybersecurity professionals to evaluate AI-generated security content and provide feedback for improvements. This role allows for flexibility with project selection and hours, offering competitive pay starting at $...Remote jobHourly pay- SupportFinity™ is seeking an IT security professional to support HIPAA auditing and data security within a Connecticut-based hybrid role. You will implement security controls, assist with data flows, and help prepare training materials for end users. The ideal candidate...Work at office
- Teradata Corporation (SE) is seeking a Compliance Analyst to support their security compliance programs across global cloud offerings. This role involves managing compliance in accordance with key certifications such as FedRAMP and ISO. Ideal candidates should have a bachelor...
- A tech-focused AI company is looking for a Securities Analyst to join its remote team. This flexible position allows you to choose projects and set your own schedule while leveraging your finance expertise to improve AI analysis capabilities. Successful candidates will...Remote jobHourly payFlexible hours
$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. We are looking for a Securities Analyst to join our team to help train the next generation of AI while enjoying the flexibility of remote work and the freedom to set your own schedule. This role is designed to fit...Hourly payFull timeContract workPart timeWork experience placementRemote workFlexible hours$29.8 per hour
The Connecticut General Assembly is seeking applications for a part-time position within the State Capitol Police Department in Hartford, Connecticut. This role requires candidates to be at least 21 years old, a U.S. citizen or permanent resident, and have a high school...Hourly payPermanent employmentPart timeFlexible hours$78.9k - $123.3k
...system authorization and continuous monitoring activities within a Federal environment. This role is responsible for managing the security authorization lifecycle for one or more information systems, ensuring compliance with Federal cybersecurity requirements, and maintaining...Permanent employmentFull timePart timeWork at officeLocal areaRemote work$68.4k - $94k
...employment and will be considered individually based on factors such as the relationship between the position sought and the criminal offense, the nature of the offense, any documentation or information demonstrating the rehabilitation of the applicant, the time elapsed...Full timeTemporary workPart timeLocal areaRelocationFlexible hoursNight shift$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...Hourly payContract workFor contractorsWork experience placementRemote work- ...and activities Monitor designated areas to ensure physical security and authorized access in order to prevent theft, trespass,... ...arrest and present before a competent authority any person for any offense committed within his precinct." (Connecticut General Statutes 2...Full timeTemporary workTraineeshipImmediate startFlexible hoursShift workWeekend work
- ...A tech-focused AI firm is seeking an experienced Investment Operations Analyst to evaluate AI in finance, providing feedback for model improvement. The role is flexible, allowing for part-time or full-time engagement with remote work options. Ideal candidates will have...Hourly payFull timePart timeRemote workFlexible hours
$76k - $110k
Nassau Community College is seeking a dedicated Accounting professional to provide support for investment accounting reporting and analysis. Responsibilities include accounting for investment holdings, reconciling data between custodians, and ensuring compliance with GAAP...$20.25 per hour
...about Target here. ( ALL ABOUT ASSETS PROTECTION Assets Protection (AP) teams function to keep our guests, team and brand secure and lead through crisis events. They protect profitable sales by mitigating shortage risks, preventing, and resolving theft and...Hourly payLocal areaFlexible hoursShift workNight shift$16.42 - $27.42 per hour
...Essential Functions: • Provide a visible and proactive physical security and safety presence throughout the assigned supply chain location to ensure Lowe's Safe environment. • Validates physical security of the building, per company policy/procedure, throughout the...Hourly payFull timePart timeFor contractorsLocal areaFlexible hoursNight shift- ...Chelsea Place Care Center is currently looking for a per diem Security Specialist . Summary: The primary role of the Security Specialist is to implement the facility's security program in accordance with current applicable federal, state, and local standards...Daily paidWork at officeLocal areaShift work
$105k - $130k
...mission of creating opportunities for people where they live, learn, and work. CampusGuard, a Nelnet company, provides information security and privacy consulting and compliance services primarily for campus-based organizations including higher education institutions,...Temporary workFixed term contractLocal areaRemote workWork from homeHome office$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...Hourly payContract workFor contractorsWork experience placementRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Offensive Security Analyst. Be the first to apply!
- security analyst remote Hartford, CT
- information security compliance analyst Hartford, CT
- cloud security analyst Hartford, CT
- rate analyst Hartford, CT
- senior information security analyst Hartford, CT
- entry level information security analyst Hartford, CT
- security analyst intern Hartford, CT
- security analyst Hartford, CT
- security operations analyst Hartford, CT
- entry level security analyst Hartford, CT


