Offensive Security Analyst
Ernst & Young Oman
The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key role in evaluating and reducing EY’s digital exposure through hands‑on penetration testing and adversarial simulation. Working under the guidance of the Exposure Management Lead, you will identify, assess and help mitigate vulnerabilities across EY’s global attack surface. This role goes beyond traditional scanning by actively emulating threat actors, performing penetration testing and assessing the true impact of security weaknesses. Your responsibilities will include supporting the validation of third‑party risk assessments, identifying misconfigurations and exposed assets, and ensuring security standards are applied across EY’s digital ecosystem. You will also contribute to strengthening Continuous Threat Exposure Management and Attack Surface Management efforts by providing actionable insights that improve proactive defense and reduce overall business risk. Your key responsibilities The Analyst will apply offensive security techniques to assess EY’s external and internal attack surface, identifying vulnerabilities across web applications, APIs, cloud environments, networks, and infrastructure. This includes testing proof‑of‑concepts to validate exploitability and determine real‑world impact. The role involves emulating adversary tactics to test detection and response capabilities, as well as conducting reconnaissance and asset discovery to uncover unmanaged or exposed assets. The candidate will support third‑party and supply chain risk validation efforts by reviewing assessments or conducting targeted testing where required. Collaborating closely with security engineering, blue teams and business stakeholders, the analyst will help prioritize remediation efforts based on risk severity and exploitability. Additionally, the role will contribute to enhancing processes, playbooks and reporting standards within the Vulnerability Discovery and offensive security functions. Skills and attributes for success Capability to identify and exploit vulnerabilities beyond automated scanning tools like Qualys, Nessus etc. Strong attention to detail with a methodical approach to identifying complex attack paths Critical thinking and analytical skills to evaluate vulnerabilities in a business risk context Ability to manage high volumes of testing requests without compromising depth or quality Flexibility to work across diverse technologies, including cloud, applications and infrastructure Effective communication skills to convey technical findings to both technical and non‑technical audiences Familiarity with research techniques and threat intelligence to support proactive risk identification To qualify for the role you must have A minimum of 4 years of experience in penetration testing, red teaming, purple teaming or offensive security Hands‑on experience testing applications, APIs, cloud environments and network infrastructure Strong understanding of common vulnerability classes such as OWASP Top 10 and exploitation techniques Familiarity with offensive security methodologies and frameworks Experience supporting or performing third‑party risk assessments Strong analytical and problem‑solving skills with the ability to prioritize risks effectively Strong communication and stakeholder management skills Ideally, you’ll also have OWASP training Incident response experience What we look for We are looking for a developing Offensive Security Analyst that can operate with supervision and bring new approaches to discovering and evaluating the business’s externally‑exposed vulnerabilities. We are seeking a seasoned analyst to improve the organization’s ability to reduce the attack surface while enabling the business. The ideal candidate will seek to improve others while continuously learning and identifying ways to strengthen the organization. What we offer you We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is 76,400 to 138,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is 91,700 to 157,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team‑led and leader‑enabled hybrid model. Our expectation is for most people in external, client‑serving roles to work together in person 40‑60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial and emotional well‑being. EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at View email address on click.appcast.io. #J-18808-Ljbffr
- ...Our client is seeking a Security Analyst to join their team. As a Security Analyst, you will be part of the Cybersecurity Department supporting compliance, risk assessment, and incident response functions. The ideal candidate will demonstrate strong analytical skills,...SuggestedRemote work
- ...Information Security Contract Support Specialist The Department of Health Services (DHS) is one of the largest and most diverse state... ...with security architects, liaisons, and other security analysts performing comprehensive assessment. Document and communicate...SuggestedContract workWork at office
- ...applying NIST Cybersecurity Framework, NIST RMF, and other common security standards. #). 2+ years of experience in... ...supervision of the GRC Manager, this position serves as a Security Analyst responsible for supporting a wide range of compliance and cybersecurity...SuggestedWork at office
- ...Description: The client is looking for a Security Analyst II. Project Details : Under the general supervision of the GRC Manager, this position serves as a Security Analyst responsible for supporting a wide range of compliance and cybersecurity functions across...SuggestedWork at officeRemote work
- ...Security Analyst II Primary Location : Madison, Wisconsin V-Soft Consulting is currently hiring Security Analyst II for our premier client in Madison, Wisconsin. Knowledge, Skills and Abilities » Understanding of NIST Cybersecurity Framework, NIST RMF,...SuggestedCurrently hiringLocal area
- ...Our client, a government agency in the public sector, is seeking a Security Analyst to join their team. As a Security Analyst, you will be part of the cybersecurity support team supporting the Wisconsin Department of Correction. The ideal candidate will demonstrate strong...Weekly payTemporary workWork at officeRemote workFlexible hours
$124.2k - $186.2k
...About the team: The Information Security organization advances the overall state of security at Rubrik through purposeful initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams...Local areaRemote work- ...Title: Security Analyst II *Local to WI Job Descripiton: Under general supervision of the Security & Accounts Management Manager, this position works as a part of the Security & Accounts Management team and is responsible for provisioning and de-provisioning...Local area
- ...Our client is seeking a Security Analyst to join their team. As a Security Analyst, you will be part of the Cybersecurity Department supporting compliance, risk assessment, and incident response functions. The ideal candidate will demonstrate strong analytical skills,...Remote work
- ...Benefits: Competitive salary Opportunity for advancement Training & development | POSITION SUMMARY –Security Analyst II (Compliance) Under the general supervision of the GRC Manager, this position serves as a Security Analyst responsible for supporting...Work at officeRemote workWork from homeRelocationFlexible hours
- ...starting the role at their own expense. 100% remote within the State of Wisconsin. Our direct client is looking for a Security Analyst 141236 This position is for up to 12 months with the option of extension, and the client is in Madison, WI. Please send...Remote workRelocation
$40 per hour
A cybersecurity AI training company is seeking experienced cybersecurity professionals to help evaluate AI-generated security content. This remote position requires hands-on experience in cybersecurity, including areas like penetration testing and malware analysis. Candidates...Hourly payRemote workFlexible hours$80k - $95k
...science-driven innovators who are collaborating to bring new therapies to patients in need. The Position The Information Security Systems Analyst is responsible for the day-to-day administration, operation, and continuous improvement of the organization's Microsoft...$30 per hour
...the Oracle Government, Defense & Intelligence team supporting Federal Compliance and Federal Sales Teams. The Information Security Compliance Analyst is expected to work with the GDI Performance Management team to ensure documentation, processes and policies up to date...Hourly payTemporary workInternshipFlexible hours$85k - $100k
...performance; manage connector integrations and remain current with relevant Microsoft releases. Maintain documentation and triage/escalate security alerts. Requirements Bachelor’s degree (or equivalent experience) in Information Security/IT/CS or related field. 3+ years in...- ...Job Description Job Description Position Summary: The Senior SAP Security Analyst will work on business systems design and configuration, as well as upgrades and improvements for assigned technology platforms. As a primary support contact for SAP application end...Work at office
$78.9k - $123.3k
...system authorization and continuous monitoring activities within a Federal environment. This role is responsible for managing the security authorization lifecycle for one or more information systems, ensuring compliance with Federal cybersecurity requirements, and maintaining...Permanent employmentFull timeContract workPart timeWork at officeLocal areaRemote work$74k - $111.5k
Primary DetailsTime Type: Full time Worker Type: Employee The Opportunity: The Cyber Security Analyst is a key member of QBE's Global Security Operations team, responsible for protecting enterprise systems, data, and services in an evolving threat landscape. This is...Full timePart timeWork at officeWork from home$24.66 per hour
...training, but all work must be done within Wisconsin. Under the general supervision of the GRC Manager, this position serves as a Security Analyst responsible for supporting a wide range of compliance and cybersecurity functions. Core responsibilities include providing...Hourly payContract workTemporary workWork experience placementWork at officeRemote workRelocation$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...Hourly payContract workFor contractorsWork experience placementRemote work- ...checking the doors and windows of buildings to ensure that they are secure. Operate a law enforcement vehicle during both day and night... ...evidence and substances that provide the basis of criminal offenses and infractions. Conduct visual and audio surveillance....Permanent employmentFull timeShift workNight shift
$50 - $60 per hour
...A technology company specializing in AI is seeking an Investment Operations Analyst to evaluate AI models' outputs and enhance their correctness. This role offers the flexibility of remote work, allowing individuals to set their own schedules. Ideal candidates will have...Hourly payFull timePart timeRemote workFlexible hours- ...percent of SWIB's investment professionals are Chartered Financial Analyst (CFA) charterholders. The City of Madison, the state capitol... ...703,000 WRS beneficiaries, SWIB is driven by a clear mission: securing the financial future of those who serve Wisconsin. When you...Work at officeRemote workRelocation
$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...Hourly payContract workFor contractorsWork experience placementRemote work$56.5k - $75.5k
...Job Overview: Secure your next opportunity at Marvin! We’re looking for a Security Systems Administrator to join our team and support the administration and maintenance of enterprise physical security systems. In this role, you’ll deliver technical system support for...Temporary workRelocationRelocation package$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...Hourly payContract workFor contractorsWork experience placementRemote work- ...Location: HCG MADISON Department: HCG-M Security Summary: POSITION OVERVIEW Execute security duties on assigned shift, to adequately protect... ...maintain a gaming license 2.Must not have been convicted of an offense, which is related to theft, fraud, children or elders. 3....Shift work
$100k - $160k
...Job Summary The Security Solutions Advisor is responsible for the acquisition of net-new security business within a given territory. They will proactively leverage SHI data, alongside partner information, to identify and generate sales opportunities and meetings with...Work experience placementFlexible hours$84.5k - $187k
Job Description As OCI’s power portfolio evolves beyond traditional grid procurement into onsite generation, renewable PPAs, battery storage, and hedging structures, this role will be at the center of modeling those emerging commercial arrangements and quantifying their...Contract workTemporary workLocal areaFlexible hours$84.5k - $187k
...Job Description Principal Financial Analyst to support Capital expenditure for Oracle Cloud Infrastructure Oracle Cloud Infrastructure (OCI) is growing rapidly, and we are looking for a financial leader to support our capital expenditure and Supply Chain organization...Temporary workFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Offensive Security Analyst. Be the first to apply!
- security analyst remote Madison, WI
- information security compliance analyst Madison, WI
- cloud security analyst Madison, WI
- rate analyst Madison, WI
- senior information security analyst Madison, WI
- entry level information security analyst Madison, WI
- security analyst intern Madison, WI
- security analyst Madison, WI
- security operations analyst Madison, WI
- entry level security analyst Madison, WI




