Strong attention to detail with a methodical approach to identifying complex attack paths + Critical thinking and analytical skills to evaluate vulnerabilities in a business risk context + Ability to manage high volumes of testing requests without compromising depth or quality + Flexibility to work across diverse technologies, including cloud, applications, and infrastructure + Effective communication skills to convey technical findings to both technical and non-technical audiences + Familiarity with research techniques and threat intelligence to support proactive risk identification **To qualify for the role you must have** + A minimum of 4 years of experience in penetration testing, red teaming, purple teaming or offensive security + Hands-on experience testing applications, APIs, cloud environments, and network infrastructure + Strong understanding of common vulnerability classes such as OWASP Top 10 and exploitation techniques + Familiarity with offensive security methodologies and frameworks + Experience supporting or performing third-party risk assessments + Strong analytical and problem-solving skills with the ability to prioritize risks effectively + Strong communication and stakeholder management skills **Ideally, you'll also have** + OWASP training + Incident response experience **What we look for** We are looking for a developing Offensive Security Analyst that can operate with supervision and bring new approaches to discovering and evaluating the business's externally-exposed vulnerabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com .