As part of the Deloitte Offensive Security team, you'll be responsible for defining, carrying out, and overseeing penetration testing projects to uncover security vulnerabilities in client's IT systems. You will be required to report on the identified vulnerabilities and provide recommendations for their remediation. Additionally, you will play a crucial role in the team, and other members will look to you as a subject matter expert for guidance and mentorship.
In this role you will respond to client requests, anticipating and meeting client problems and needs using innovative approaches when applicable. You will be involved in all aspects of security and vulnerability management engagements which include but are not limited to:
Network and host layer penetration tests and vulnerability assessments
Firewall, networking, and security device reviews
Web application assessments
API assessments
Mobile application assessments
Red Teaming - targeting technical, physical, and human layers of an organisation’s security controls.
Source code reviews using manual and automated tools.
Malware reverse engineering
Wireless Assessments
Closing meetings to present findings to the client.
Detailed reporting and proposal writing
About The Team
Positioned first globally in Security Consulting Services for the 6th year in a row. Yep, that’s Deloitte. The cyberspace is constantly evolving and so are the threats that it brings. That’s why our work is more meaningful (and exciting!) than ever. Always one step ahead, we predict risks and safeguard our clients through end-to-end solutions. More importantly, we help clients unlock new opportunities through safer and more secure systems and policies.
Enough About Us, Let’s Talk About You.
We are currently looking for experienced Penetration Testers at Senior Analyst, Manager and Senior Manager levels with the following experience and qualifications:
Hold a current OSCP or CREST Certified Tester (CCT) in either Infrastructure or Web Applications or similar certification or be in a position and level to pass the exam for the certification
For more senior roles, experience in Red Team engagements. With a capability in line with the CORIE framework or similar (e.g. CBEST, TIBER)
Experience in working with applications that perform a wide range of business functions - ideally across multiple industries
Ability to understand and assess applications from both a technical and business function perspective
Good experience in performing web application penetration testing and development of supporting business and technical-level reporting
Innovative and analytical in your approach to performing penetration testing, particularly of novel devices and environments
Capable of working to strict deadlines and prioritising work appropriately
The ability to develop scripts or code to automate testing and develop bespoke attacks
Good communication skills with an ability to explain complex technical issues to non-technical business clients
Excellent written skills with demonstrated ability to write reports and proposals. Including the ability to discuss findings from a risk perspective with clear remediation advice specific to the client’s environment.
إخلاء المسؤولية: د.جوب هو مجرد منصة تربط بين الباحثين عن عمل وأصحاب العمل. ننصح المتقدمين بإجراء بحث مستقل خاص بهم في أوراق اعتماد صاحب العمل المحتمل.
نحن نحرص على ألا يتم طلب أي مدفوعات مالية من قبل عملائنا، وبالتالي فإننا ننصح بعدم مشاركة أي معلومات شخصية أو متعلقة بالحسابات المصرفية مع أي طرف ثالث. إذا كنت تشك في وقوع أي احتيال أو سوء تصرف، فيرجى التواصل معنا من خلال تعبئة النموذج الموجود على الصفحة اتصل بنا