Senior Penetration Tester / Red Team Consultant EY GDS Spain - Hybrid

 

The opportunity

As a Senior Penetration Tester / Red Team Consultant, you are part of the EY Cyber Security team delivering offensive security services that help clients validate and improve their security posture. You execute structured penetration tests and (where applicable) threat-led adversary simulations across applications, infrastructure, and cloud/hybrid environments, translating technical findings into clear, actionable risk reduction.

As a member of our team in the EY GDS Spain office in Malaga, youll have a chance to extend your knowledge & experience by working on interesting projects with the newest technologies and approaches. Youll support clients in choosing the most suitable business solution and take part in digital transformation.

 

Your key responsibilities

Plan and execute penetration tests (internal/external), including web applications/APIs,
network/infrastructure, and cloud environments

Define scope, rules of engagement, and test strategy with stakeholders; ensure safe execution and minimal
operational impact

Perform security testing using a balanced approach of manual techniques and validated tooling; document
evidence and reproduce findings reliably

Deliver high-quality reporting (executive summary, technical details, risk rating, remediation guidance);
support retesting and closure

Conduct (or support) red team / purple team exercises where applicable, aligning scenarios to business risks
and adversary techniques

Collaborate with defensive teams (SOC/Blue Team/IR) while ensuring appropriate separation and
independence of offensive and defensive activities

Contribute to continuous improvement: refine methodologies, reusable playbooks/checklists, and
knowledge sharing

 

Skills and attributes for success

Strong understanding of common attack paths and security weaknesses across web, infrastructure, identity, and cloud

Structured and disciplined working style (documentation, evidence handling, clear communication, and quality focus)

Ability to translate technical findings into business-relevant risk language and actionable remediation steps

Client-facing mindset with strong stakeholder management and a proactive, ownership-driven attitude

 

To qualify for the role, you must have

3 - 4 years of hands-on experience in penetration testing and/or red teaming with proven delivery of professional reports

Solid knowledge of testing methodologies (e.g., OWASP for web/API testing; structured engagement planning and execution)

Hands-on experience with common offensive security tooling (e.g., Burp Suite, Nmap, scripting for automation/validation)

Strong understanding of Windows/Linux and networking fundamentals; comfortable with troubleshooting and evidence capture

English at least B2 - C1 (written and spoken) is required

Ideally, youll also have

Relevant certifications (e.g., OSCP/OSWE/GPEN/PNPT or comparable) are a plus

Experience with specialized testing domains such as cloud pentesting, mobile, thick client, wireless, or social
engineering (depending on engagement model)

Experience with threat-led red teaming and purple teaming approaches (where applicable)

German B2

 

What we look for

We look for ethical attackers who combine technical depth with maturity and disciplineclear scoping, clean
execution, and crisp communication. You care about impact: delivering findings that teams can fix and running
engagements that measurably improve resilience.

 

What we offer

In EY GDS Spain, were committed to fostering a vibrant environment where every team member can thrive. We
provide a space for continuous learning and the flexibility to define your own success, empowering you to make a
meaningful impact in your own way. Our diverse and inclusive culture values who you are and encourages you to
help others find their voice.

 

Additionally, heres what makes us stand out:

Empowering Career Development: Unlock your potential with tailored training and development
programs designed to elevate your skills and propel your career forward. We invest in your growth
because your success is our success.

Flexible Work-Life Integration: Enjoy the freedom of our hybrid work model, allowing you to blend
professional responsibilities with personal passions. We understand that life is more than just work, and
we support you in achieving that balance.

Comprehensive Well-Being Programs: Prioritize your health with our extensive wellness initiatives,
including psychological support sessions and health resources. At EY GDS Spain, your well-being is at the
heart of what we do.

Meaningful Volunteering Opportunities: Make a difference in your community through our engaging
volunteering programs. Join us in giving back and creating a positive impact while building connections
with like-minded colleagues.

Recognized Performance and Rewards: Celebrate your achievements with our recognition programs
that honor both individual and team successes. We believe in acknowledging hard work and dedication,
ensuring you feel valued every step of the way.

 

Join us at EY GDS Spain, where your journey is supported, your contributions are celebrated, and your future is
bright.

 

To learn more about what we offer, visit our Careers in Global Delivery Services | EY - Global

 

About EY GDS

EY Global Delivery Services (EY GDS) is a dynamic and truly global delivery network of over 75,000 people
working across the world, to provide innovative and strategic business solutions to our clients worldwide. We
play a vital role in growth strategy, helping our clients become agile and efficient, and helping fulfill our purpose
to build a better working world.

 

From accountants to coders, we offer a wide variety of fulfilling career opportunities that span all business
disciplines. We look for skills that are evergreen and our roles evolve with industry trends. We also work across
Finance, Business Development, Technology, Talent, Procurement and Risk Management functions to help our
teams operate as efficiently and effectively as possible.

 

Across our 10 locations and 21 cities, we work with teams from all service lines, geographies, and sectors. We
operate in Argentina, Hungary, India, the Philippines, Poland, Sri Lanka, Mexico, Spain and the United Kingdom.
Our EY GDS Spain office is located at Malaga Technology Park and currently employs over 1000 people.

 

If you are interested in being part of our team, we kindly invite you to submit your CV in English to apply for
this position.

 

The exceptional EY GDS experience. Its yours to build.