Penetration Tester / Red Team Consultant

• Plan and execute penetration tests for various environments.
• Deliver high-quality reporting with actionable insights.
• Collaborate with defensive teams to enhance security measures.

Conocimientos

Penetration Testing Security Weakness Analysis Client Management Documentation and Reporting, As a member of our team in the EY GDS Spain office in Malaga, you'll have a chance to extend your knowledge and experience by working on interesting projects with the newest technologies and approaches. You'll support clients in choosing the most suitable business solution and take part in digital transformation. Your Key Responsibilities

• Plan and execute penetration tests (internal/external), including web applications/APIs, network/infrastructure, and cloud environments.
• Define scope, rules of engagement, and test strategy with stakeholders; ensure safe execution and minimal operational impact.
• Perform security testing using a balanced approach of manual techniques and validated tooling; document evidence and reproduce findings reliably.
• Deliver high-quality reporting (executive summary, technical details, risk rating, remediation guidance); support retesting and closure.
• Conduct (or support) red team / purple team exercises where applicable, aligning scenarios to business risks and adversary techniques.
• Collaborate with defensive teams (SOC/Blue Team/IR) while ensuring appropriate separation and independence of offensive and defensive activities.
• Contribute to continuous improvement: refine methodologies, reusable playbooks/checklists, and knowledge sharing.

The ideal candidate will have strong testing methodologies knowledge, experience with tools like Burp Suite, and solid English communication skills. EY offers empowering career development, well-being programs, and flexible work-life integration opportunities., * 3-4 years of hands-on experience in penetration testing and/or red teaming.

• Strong understanding of testing methodologies such as OWASP.
• English at least B2 - C1 required., * Strong understanding of common attack paths and security weaknesses across web, infrastructure, identity, and cloud.
• Structured and disciplined working style: documentation, evidence handling, clear communication, and quality focus.
• Ability to translate technical findings into business-relevant risk language and actionable remediation steps.
• Client-facing mindset with strong stakeholder management and a proactive, ownership-driven attitude., * 3-4 years of hands-on experience in penetration testing and/or red teaming with proven delivery of professional reports.
• Solid knowledge of testing methodologies (e.g., OWASP for web/API testing; structured engagement planning and execution).
• Hands-on experience with common offensive security tooling (e.g., Burp Suite, Nmap, scripting for automation/validation).
• Strong understanding of Windows/Linux and networking fundamentals; comfortable with troubleshooting and evidence capture.
• English at least B2 - C1 (written and spoken) is required.

Preferred Qualifications

• Relevant certifications (e.g., OSCP/OSWE/GPEN/PNPT or comparable) are a plus.
• Experience with specialized testing domains such as cloud pentesting, mobile, thick client, wireless, or social engineering (depending on engagement model).
• Experience with threat-led red teaming and purple teaming approaches (where applicable).
• German B2 (if applicable).

What We Look For

We look for ethical attackers who combine technical depth with maturity and discipline-clear scoping, clean execution, and crisp communication. You care about impact: delivering findings that teams can fix and running engagements that measurably improve resilience.

Málaga Híbrido EUR 45.000 - 65.000 Jornada completa Ayer Sé de los primeros/as/es en solicitar esta vacante

Recibe más respuestas de empleadores

Consigue la entrevista y gana más. Más información Empieza desde cero o carga un currículum

Servicios

Empowering Career Development Flexible Work-Life Integration Comprehensive Well-Being Programs Meaningful Volunteering Opportunities Recognized Performance and Rewards

* Flexible Work-Life Integration: Enjoy the freedom of our hybrid work model, allowing you to blend professional responsibilities with personal passions. We understand that life is more than just work, and we support you in achieving that balance. * Comprehensive Well-Being Programs: Prioritize your health with our extensive wellness initiatives, including psychological support sessions and health resources. At EY GDS Spain, your well-being is at the heart of what we do. * Meaningful Volunteering Opportunities: Make a difference in your community through our engaging volunteering programs. Join us in giving back and creating a positive impact while building connections with like-minded colleagues. * Recognized Performance and Rewards: Celebrate your achievements with our recognition programs that honor both individual and team successes. We believe in acknowledging hard work and dedication, ensuring you feel valued every step of the way.