Vulnerability Mgt Research Analyst

Vulnerability Mgt Research Analyst at EY

At EY, we’re all in to shape your future with confidence. Join EY and help build a better working world.

Today's world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets!

Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value.

The Vulnerability Research Analyst at EY is vital to protecting the firm’s digital infrastructure by proactively identifying and evaluating vulnerability-based security threats. This opportunity allows for the utilization and expansion of technical skills in a complex and dynamic environment. The analyst will collaborate with seasoned professionals, fostering a space for knowledge sharing and professional growth. EY’s commitment to ongoing training and development ensures the analyst remains at the cutting edge of industry practices.

The role offers a chance to make a significant impact on the firm’s security posture and influence operational direction.

• Research and analyze vulnerabilities, using assessment tools and sound analytic techniques to uncover potential security weaknesses.
• Interpret technical data to provide actionable intelligence, prioritize vulnerabilities by severity and exploitability, and collaborate with partner teams within Vulnerability Management to recommend remediation strategies.
• Stay updated on cybersecurity trends to improve research capabilities, document findings, prepare risk reports, and participate in incident response activities as needed.

• Excellent analytical and problem‑solving skills
• Effective communication skills, with the ability to articulate technical information to various audiences
• A proactive and results‑driven individual with a strong sense of ownership
• Keen attention to detail and a commitment to delivering high‑quality work
• Ability to work independently as well as part of a collaborative team
• Strong organizational skills with the ability to manage multiple tasks and deadlines
• A continuous learner with a passion for staying at the forefront of cybersecurity developments
• Comfortable justifying decisions and assessments

• Minimum of 5 years of experience in information security
• Minimum of 3 years in Vulnerability Management and/or research
• Strong understanding of network protocols, operating systems, databases, and software vulnerabilities
• Familiarity with industry frameworks and standards such as OWASP, NIST, and CVE
• Demonstrated experience assessing and communicating the risk of vulnerabilities to senior levels of an organization
• An in-depth understanding of security control functionality in the context of threats
• An interest and aptitude for engaging stakeholders and developing a functional network of subject matter experts
• Proficiency developing non‑traditional solutions to complex challenges

• Purple Team expertise
• Experience in analytical tradecraft

We are looking for an experienced, self‑driven analyst that can operate with minimal guidance and help develop more junior analysts. The candidate will be able to improve the attack surface while enabling the business. The ideal candidate will seek to improve others while continuously learning and identifying ways to strengthen the organization.

The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary…