Job Requisition ID: ***** Choice and flexibility on where, when and how you work Mentoring programs – receive support and coaching to progress your career Recognition culture to celebrate milestones and discounts at hundreds of retailers What will your typical day look like?
As part of the Deloitte Offensive Security team, you'll be responsible for defining, carrying out, and overseeing penetration testing projects to uncover security vulnerabilities in client's IT systems.
You will be required to report on the identified vulnerabilities and provide recommendations for their remediation.
In this role you will respond to client requests, anticipating and meeting client problems and needs using innovative approaches when applicable.
You will be involved in all aspects of security and vulnerability management engagements which include but are not limited to: Network and host layer penetration tests and vulnerability assessments Firewall, networking, and security device reviews Web application assessments API assessments Mobile application assessments Red Teaming - targeting technical, physical and human layers of an organisation's security controls.
Source code reviews using manual and automated tools.
Malware reverse engineering Wireless Assessments Closing meetings to present findings to the client.
Detailed reporting and proposal writing About the team Positioned first globally in Security Consulting Services for the 6th year in a row.
Yep, that's Deloitte.
The cyberspace is constantly evolving and so are the threats that it brings.
That's why our work is more meaningful (and exciting) than ever.
Always one step ahead, we predict risks and safeguard our clients through end-to-end solutions.
More importantly, we help clients unlock new opportunities through safer and more secure systems and policies.
Enough about us, let's talk about you.
You are someone with: 4+ years of experience in penetration testing.
Knowledge across a variety of platforms, operating systems, networked environments, emerging security techniques, vulnerabilities and approaches.
Certification in at least one of the following: OSCP, CRT, OSCE, OSWE, OSEP, or equivalent Experience with at least 4 of Infrastructure, Web applications, APIs, Mobiles, Red Team, Wireless, Thick Client, Cloud and IoT.
Experience with known C2 frameworks and advanced penetration testing concepts like AV, EDR bypasses.
Demonstrated experience of sharing knowledge within the team, i.e. Team presentations Experience in being a lead tester for engagements.
Can work on projects with limited support or independently.
Good reporting skills and ability to deliver reports promptly.