Vulnerability Mgt Research Analyst

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help build a better working world.

Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets!

The Vulnerability Research Analyst at EY is a vital role in protecting the firm's digital infrastructure by proactively identifying and evaluating vulnerability-based security threats. The analyst will collaborate with seasoned professionals, fostering a space for knowledge sharing and professional growth. EY’s commitment to ongoing training and development ensures the analyst remains at the cutting edge of industry practices.

As a Vulnerability Research Analyst, you will research and analyze vulnerabilities, use assessment tools and analytic techniques to uncover potential security weaknesses, provide actionable intelligence, prioritize vulnerabilities, collaborate with partner teams within the Vulnerability Management group to recommend remediation strategies, stay updated on cybersecurity trends, document findings, prepare risk reports, and participate in incident response activities as needed.

• Excellent analytical and problem-solving skills
• Effective communication skills, with the ability to articulate technical information to various audiences
• A proactive and results-driven individual with a strong sense of ownership
• Keen attention to detail and a commitment to delivering high-quality work
• Ability to work independently as well as part of a collaborative team
• Strong organizational skills with the ability to manage multiple tasks and deadlines
• A continuous learner with a passion for staying at the forefront of cybersecurity developments
• Comfortable justifying decisions and assessments

• Minimum of 5 years of experience in information security
• Minimum of 3 years in Vulnerability Management and/or research
• Strong understanding of network protocols, operating systems, databases, and software vulnerabilities
• Familiarity with industry frameworks and standards such as OWASP, NIST, and CVE
• Demonstrated experience assessing and communicating the risk of vulnerabilities to senior levels of an organization
• An in-depth understanding of security control functionality in the context of threats
• An interest and aptitude for engaging stakeholders and developing a functional network of subject matter experts
• Proficiency developing non-traditional solutions to complex challenges

• Purple Team expertise
• Experience in analytical tradecraft

We are looking for an experienced, self-driven analyst that can operate with minimal guidance and help develop more junior analysts. The candidate will be able to improve the attack surface while enabling the business. The ideal candidate will seek to improve others while continuously learning and identifying ways to strengthen the organization.

• We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $91,100 to $170,400. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
• Join us in our team-led and leader-enabled hybrid model. We expect most people in external, client-serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
• Under our flexible vacation policy you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer…