Offensive Security Analyst
Ernst & Young Oman
The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key role in evaluating and reducing EY’s digital exposure through hands‑on penetration testing and adversarial simulation. Working under the guidance of the Exposure Management Lead, you will identify, assess and help mitigate vulnerabilities across EY’s global attack surface. This role goes beyond traditional scanning by actively emulating threat actors, performing penetration testing and assessing the true impact of security weaknesses. Your responsibilities will include supporting the validation of third‑party risk assessments, identifying misconfigurations and exposed assets, and ensuring security standards are applied across EY’s digital ecosystem. You will also contribute to strengthening Continuous Threat Exposure Management and Attack Surface Management efforts by providing actionable insights that improve proactive defense and reduce overall business risk. Your key responsibilities The Analyst will apply offensive security techniques to assess EY’s external and internal attack surface, identifying vulnerabilities across web applications, APIs, cloud environments, networks, and infrastructure. This includes testing proof‑of‑concepts to validate exploitability and determine real‑world impact. The role involves emulating adversary tactics to test detection and response capabilities, as well as conducting reconnaissance and asset discovery to uncover unmanaged or exposed assets. The candidate will support third‑party and supply chain risk validation efforts by reviewing assessments or conducting targeted testing where required. Collaborating closely with security engineering, blue teams and business stakeholders, the analyst will help prioritize remediation efforts based on risk severity and exploitability. Additionally, the role will contribute to enhancing processes, playbooks and reporting standards within the Vulnerability Discovery and offensive security functions. Skills and attributes for success Capability to identify and exploit vulnerabilities beyond automated scanning tools like Qualys, Nessus etc. Strong attention to detail with a methodical approach to identifying complex attack paths Critical thinking and analytical skills to evaluate vulnerabilities in a business risk context Ability to manage high volumes of testing requests without compromising depth or quality Flexibility to work across diverse technologies, including cloud, applications and infrastructure Effective communication skills to convey technical findings to both technical and non‑technical audiences Familiarity with research techniques and threat intelligence to support proactive risk identification To qualify for the role you must have A minimum of 4 years of experience in penetration testing, red teaming, purple teaming or offensive security Hands‑on experience testing applications, APIs, cloud environments and network infrastructure Strong understanding of common vulnerability classes such as OWASP Top 10 and exploitation techniques Familiarity with offensive security methodologies and frameworks Experience supporting or performing third‑party risk assessments Strong analytical and problem‑solving skills with the ability to prioritize risks effectively Strong communication and stakeholder management skills Ideally, you’ll also have OWASP training Incident response experience What we look for We are looking for a developing Offensive Security Analyst that can operate with supervision and bring new approaches to discovering and evaluating the business’s externally‑exposed vulnerabilities. We are seeking a seasoned analyst to improve the organization’s ability to reduce the attack surface while enabling the business. The ideal candidate will seek to improve others while continuously learning and identifying ways to strengthen the organization. What we offer you We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is 76,400 to 138,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is 91,700 to 157,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team‑led and leader‑enabled hybrid model. Our expectation is for most people in external, client‑serving roles to work together in person 40‑60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial and emotional well‑being. EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at View email address on click.appcast.io. #J-18808-Ljbffr
- ...IT Security Analyst Sacramento, CA 3+ years Required Skills: Must provide resumes which describe in detail... ...Researcher and Advanced Penetration Tester (GXPN) o Offensive Security Experienced Penetration Tester (OSEP) o GIAC...Suggested
- ...Security Analyst Sacramento, CA 18+ months Mandatory Qualifications: A minimum of seven (7) years’ experience within the last 10 years, providing security vulnerability and risk assessment services directly or through a partner relationship. At least three...Suggested
$124.2k - $186.2k
...About the team: The Information Security organization advances the overall state of security at Rubrik through purposeful initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams...SuggestedLocal areaRemote work- ...Security Operations Analyst Bachelor's degree in Cyber Security or related field, or equivalent work experience 4-years of experience in Security Operation Centers or a similar role with at least 2-years managing all aspects of a Security Operation Center Formal IT...SuggestedWork experience placement
- ...Security Applications Analyst Sacramento, CA 12+ months Required Skills/Experience: Implement, configure, and maintain Information Security and Risk Management software platforms and computing systems. Provide customer service support...Suggested
- ...Information Security Analyst Sacramento, CA 12+ months As an information security analyst, Consultant’s duty is to ensure that the organization’s digital assets are secure and protected from unauthorized access. This includes protection of on-premises infrastructure...
$30 per hour
...the Oracle Government, Defense & Intelligence team supporting Federal Compliance and Federal Sales Teams. The Information Security Compliance Analyst is expected to work with the GDI Performance Management team to ensure documentation, processes and policies up to date...Hourly payTemporary workInternshipFlexible hours$50k - $70k
...The Operations Security Analyst/Specialist protects client, employee, and company data across our cloud stack (Google Workspace, Slack, Dropbox, etc.) by owning identity, device, and data controls. You’ll make access simple and secure, keep laptops healthy, tighten how...Work at officeImmediate startWeekend workAfternoon shift3 days per weekEarly shift- ...Job Title - Information Security Analyst - Engineer Req Id- 24-143433 Duration: 06+ Months with possible extensions Location: Sacramento, CA Hybrid Role Overview: We are seeking a skilled and detail-oriented Governance and Compliance...Work at office
$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...Hourly payContract workFor contractorsWork experience placementRemote work$18.85 - $29.6 per hour
...confidential information and investigations Detail-oriented Preferred Prior experience or education in Loss Prevention, security or law enforcement Knowledge of surveillance and apprehension techniques Knowledge of or ability to learn Google applications...Full timeTemporary workPart timeLocal areaFlexible hoursShift work$18.85 - $29.6 per hour
...Uphold confidential information and investigations. Detail-oriented. Preferred Prior experience or education in Loss Prevention, security or law enforcement. Knowledge of surveillance and apprehension techniques. Knowledge of or ability to learn Google applications and...Full timeTemporary workPart timeLocal areaFlexible hours$102.5k - $158.85k
...relating to the apprehension of offenders and the investigation of offenses; prepares reports on arrests made, activities performed and unusual incidents observed; checks buildings for physical security; serves warrants and subpoenas; requests and retrieves information...Full timeWork experience placement$10.16k
...relating to the apprehension of offenders and the investigation of offenses; prepares reports on arrests made, activities performed and unusual incidents observed; checks buildings for physical security; serves warrants and subpoenas; requests and retrieves information...$22 - $23 per hour
Job Description - Overview Do you have EXPERIENCE IN RETAIL LOSS PREVENTION and want to work for a company that still believes in apprehending and prosecuting criminals? The Loss Prevention Department for Hobby Lobby is currently seeking a full time In-Store ...Full timeLocal areaFlexible hoursWeekend work$24.5 per hour
...times. Assist with special projects, as assigned. Qualifications: Strong knowledge of computer applications; including Security Software, CCTV equipment, Excel, Word, and PowerPoint Strong verbal and written communication skills Knowledge of federal,...Full timeTemporary workLocal areaImmediate startFlexible hoursNight shiftAfternoon shift- ...cutoff dates may be set as departmental needs warrant.** Next Cutoff Date: 7/3/2026 Under the direction of the Supervisor I, the Analyst II is responsible for monitoring the fiscal management of a wide range of multifamily properties financed by the Agency, keeping...Permanent employmentFull timeWork experience placementWork at officeRemote workVisa sponsorshipWork visaMonday to Friday
$16.9 - $20.4 per hour
...with peers and supervisors to accomplish tasks ~ Able to work a flexible schedule to support business needs ~0-2 years retail or security experience Benefits include: Associate discount; EAP; smoking cessation; bereavement; 401(k) Associate contributions;...Hourly payTemporary workLocal areaHome officeFlexible hours- ...of cash management and cash flow analysis for a large organization; short and long term investments including bonds, government securities, certificates of deposit, commercial paper, etc.; investment/financial terminology and techniques; principles and practices of accounting...Full timeTemporary workPart timeWork at officeLocal areaImmediate start
$10,681 per month
...overall Investment Portfolio by seeking investment strategies and security types that would protect it against inflation, generate... ...possesses a professional certification as a Chartered Financial Analyst (CFA) may receive a 5% monthly base pay differential. In July...Permanent employmentFull timeSeasonal workWork at officeRemote workFlexible hours- ...opportunities be, too? The Opportunity This role is Detroit Hybrid preferred; however, remote option possible. The Senior Actuarial Analyst is responsible for developing and supporting a robust reserving framework at Ally Insurance. The Senior Actuarial Analyst will be...Permanent employmentWork experience placementRemote workFlexible hours
$129.3k - $177.8k
Become a part of our caring community The Actuary, Analytics/Forecasting analyzes and forecasts financial, economic, and other data to provide accurate and timely information for strategic and operational decisions. Establishes metrics, provides data analyses, and works...Bi-weekly payFull timeTemporary workApprenticeshipWork experience placementRemote workWork from homeHome officeShift work$129.3k - $177.8k
A healthcare services provider is seeking an Actuary for Analytics/Forecasting to provide crucial insights for strategic decisions. Responsibilities include collaborating with stakeholders, analyzing financial data, and advising executives. The ideal candidate holds a ...Remote work$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...Hourly payContract workFor contractorsWork experience placementRemote work$20.75 per hour
...Target here. ALL ABOUT ASSETS PROTECTION Assets Protection (AP) teams function to keep our guests, team and brand secure and lead through crisis events. They protect profitable sales by mitigating shortage risks, preventing, and resolving theft and...Hourly payLocal areaFlexible hoursShift workNight shiftDay shift$45 - $50 per hour
...Surefox Consulting, LLC is looking for a Residential Security Agent in Sacramento, CA. The role requires a CA Guard Card and involves providing physical security to clients while ensuring compliance with regulations. Responsibilities include managing surveillance, responding...Hourly payPart time- ...Security Guard Position Capital Protection Group is seeking a vigilant and dedicated Security Guard to join our team. The ideal candidate will be responsible for maintaining a safe and secure environment for our clients and their assets. This role requires a proactive...Flexible hoursShift workNight shiftWeekend workDay shiftAfternoon shiftEarly shift
$105k - $130k
...mission of creating opportunities for people where they live, learn, and work. CampusGuard, a Nelnet company, provides information security and privacy consulting and compliance services primarily for campus-based organizations including higher education institutions,...Temporary workFixed term contractLocal areaRemote workWork from homeHome office$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...Hourly payContract workFor contractorsWork experience placementRemote work- ...Job Description Job Description Job Summary We are seeking a professional Security Officer to join our team. In this role, your primary responsibility will be to create a safe and secure environment. You will protect our premises, assets, and employees and prevent...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Offensive Security Analyst. Be the first to apply!
- security operations analyst Sacramento, CA
- application security analyst Sacramento, CA
- entry level information security analyst Sacramento, CA
- cloud security analyst Sacramento, CA
- network security analyst Sacramento, CA
- entry level security analyst Sacramento, CA
- information security compliance analyst Sacramento, CA
- security analyst Sacramento, CA
- senior security analyst Sacramento, CA
- IT security analyst Sacramento, CA



