Manager - Tech Consulting - Cybersecurity - Penetration Testing - Cairo
EY
Manager - Cyber Security - Offensive Security Specialist
As a Manager in Offensive Security, you will lead the delivery of offensive security services, oversee client engagements, and manage a team of consultants. You will be responsible for ensuring high-quality delivery of penetration testing, red/purple team engagements, and adversary simulations. This role combines technical expertise, client advisory, and team leadership, with additional responsibilities in business development and innovation. The client base spans various sectors and includes collaboration with other teams within Advisory services.
The opportunity
We’re looking for a manager with proven leadership in offensive security and a strong track record in overseeing and delivering complex security engagements to join our Cyber Technology Consulting team. This is a fantastic opportunity to lead high-impact projects, guide talented consultants, and be part of a leading firm shaping the future of cybersecurity
Your key responsibilities
- Manage and oversee offensive security engagements, including:
- Web, mobile, APIs, thick client, and cloud penetration testing
- Internal/external network and wireless security assessments
- Red team and purple team operations (including OSINT, social engineering, and physical security assessments)
- Define methodologies, frameworks, and toolkits for red team and adversarial simulations aligned to MITRE ATT&CK, Cyber Kill Chain, and the Diamond Model.
- Guide the use of C2 frameworks (Cobalt Strike, Brute Ratel, NightHawk, Havoc, Sliver, Mythic, Merlin) and Breach & Attack Simulation (BAS) platforms in client engagements.
- Review and validate advanced tradecraft such as EDR/AV evasion, C2 infrastructure setup, malware development, and offensive R&D.
- Translate complex technical risks into business-relevant insights for executive level, producing executive-ready reports and presentations.
- Act as the subject matter expert (SME) for client discussions, workshops, and industry events
- Drive pre-sales and business development activities, including proposal development, scoping sessions, and client relationship management.
- Manage accounts and relationships on a day-to-day basis and explore new business opportunities for the firm.
- Assist in developing new methodologies and internal initiatives and help in creating a positive learning culture by coaching, counselling and developing junior team members.
- Ensure compliance with local and international cybersecurity frameworks (e.g., NCA ECC/DCC, ISO 27001, PCI DSS).
- Manage multiple engagements, ensuring timely delivery, quality assurance, and adherence to industry best practices.
- Responsible for overall client service quality delivery in accordance with EY quality guidelines & methodologies
Skills and attributes for success
- Leadership and people management, with the ability to grow and retain high-performing teams.
- Strong project management skills, ensuring engagements are delivered on time, on budget, and at high quality.
- Excellent business acumen, with the ability to contribute to go-to-market strategies and service development.
- Ability to balance hands-on technical oversight with strategic advisory.
- Ability to interpret complex technical results and present insights to business stakeholders.
- Strong analytical, problem-solving, and critical-thinking skills.
- Excellent communication and collaboration skills
- Deep technical understanding of offensive security methodologies.
To qualify for the role, you must have
- A bachelor's or master’s degree in information technology, cyber security etc.
- 7–10 years of experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and Red Team assessments., with at least 2–3 years in a leadership or managerial role.
- Knowledge of Windows, Linux, UNIX, any other major operating systems.
- Deep understanding of TCP/IP network protocols and experience with various Active Directory attack techniques.
- Understanding of network security and popular attacks vectors.
- In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Experience with manual attack and penetration testing.
- Experience to lead a technical team to conduct remote and on-site penetration testing within defined rules of engagement.
- Proven track record in leading red/purple team operations, adversarial simulations, and social engineering campaigns.
- Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations.
- Recognized certifications such as OSCP, OSWE, OSEP, OSEE, GXPN, CRTO2, SANS LDR551, GPEN, GWAPT.
- Exposure to offensive R&D, malware development, and automation for scaling engagements is highly desirable.
- Strong business development/ account management and client relationship skills.
- A valid passport for travel.
- Excellent communication skills with a consulting mindset.
Ideally, you’ll also have
- Project management skills.
- Relevant certifications such as OSCP, OSCE, OSWE, OSEP, OSEE, GXPN, CRTO, SANS GWAPT, GPEN.
- Strong understanding of security frameworks and methodologies (e.g., MITRE ATT&CK, OWASP, NIST).
What we offer
We offer a competitive compensation package where you’ll be rewarded based on performance and recognized for the value you bring to our business. Plus, we offer:
- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
The exceptional EY experience. It’s yours to build.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.