Cyber Red Team Specialist

Deloitte & Touche L.L.P. Phoenix, AZ 85002

Posted 3 months ago

About Deloitte & Touche

Deloitte & Touche LLP's ("Deloitte & Touche's") Risk and Financial Advisory business has a mature risk-based approach, experienced professionals, comprehensive methodologies, and highly technical resources. Deloitte & Touche's services combine competency and experience in the areas of financial reporting, risk management, and compliance.

In the world of professional services, the strength of Deloitte & Touche can be seen by the quality of our clients, which include leading companies across many different industries. With several years in business, Deloitte & Touche has built a reputation for quality and trust and has helped many clients navigate a wide range of challenges. To help our clients succeed, we look beyond tactical information security issues, focusing on how information security mitigates risk, impacts the business and how this aligns with or distracts from company goals. We are able to do this because our highly qualified professionals are passionate about information security and bring real-world knowledge and experience to our clients.

As a leader in Information Security, it is not surprising that our Threat and Vulnerability Management Adversarial Simulation group is experiencing rapid growth. This is due to the success of and demand for our highly innovative services in the areas of security assessment, social engineering, advanced threat defense, application security and forensics, etc. These services are shaping how our clients manage today's advanced security threats and have the potential to set the standard for the future.

Adversarial Simulation

As it becomes increasingly difficult to detect infiltrations and unauthorized activity, organizations need to be prepared for the highly sophisticated attacks they may face. Our Adversarial Simulation service professionals leverage deep experience with attack simulation to help clients qualify and quantify the risk and impact of vulnerabilities across the attack surface including people, processes, and implemented technologies. Our team provides expertise in the areas of red teaming, penetration testing, attack simulation automation, vulnerability assessment, and attack threat profiling.

Job Description

Sophisticated attacks look beyond the cyber aspects to identify weak links to confidential information. These links often remain unidentified by regular tests. "Red Team Operations" allow an organization to assess its cyber readiness and awareness through scenario-based controlled incidents.

Red Teaming goes above and beyond vulnerability testing, as it takes all components within the organization in scope and has a realistic scenario-based approach. It enhances Testing, GRC and Audit work. We are looking for experienced security professionals for our Threat and Vulnerability Management Adversarial Simulation group. For the past 15 years, Deloitte & Touche has had a successful practice helping Fortune 500 clients perform vulnerability assessments, penetration testing, and adversarial simulation (red team operations) in order to identify potential security issues before they are exploited by the adversary. Due to the sensitive nature of this type of testing, many clients have come to rely on Deloitte & Touche based on the reputation for professionalism, capability and quality that Deloitte & Touche has earned. Our security testing services have evolved, expanding beyond traditional network and application security testing to new testing techniques and models to deal with and identify advanced security attacks.

As a Red Team Operator, you will work together with a highly skilled and trained team in Red Team engagements for our clients. In these engagements, you will work to achieve specific objectives by covertly breaching the client's network. We expect our operators to achieve these objectives as quietly as possible without raising alarms that result in detection by Blue Teams. Often, there are physical security objectives that must be met to gain access to the network at a client site. Since no environment is the same, we expect our Red Team Operators to be up-to-date with the latest exploits and potential attack strategies. The results of an exploit must be anticipated by the operator to prevent stability and availability issues to the environment. Our Red Team Operators almost exclusively test in Production environments. Furthermore, we expect you to be able to turn observations and weaknesses into specific, concrete improvement points. Periodically, you can also be asked to take part in traditional penetration testing assessments.

Consultancy Duties:

  • Perform red team assessments including physical, social engineering, and network exploitation

  • Perform internal and external penetration testing of network infrastructure and applications

  • Perform well-controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases

  • Perform network reconnaissance, OSINT, social engineering, and physical security reviews

  • Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards

  • Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement

  • Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects

  • Understand clients' business environment and basic risk management approaches

  • Demonstrate a general knowledge of market trends, competitor activities, Deloitte & Touche products and service lines

  • Generate innovative ideas and challenge the status quo

  • Build and nurture positive working relationships with clients with the intention to exceed client expectations

  • Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services

  • Participate in and actively support mentoring relationships within practice

Required skills:

  • Ability to perform red team assessments and penetration testing using manual testing techniques, scripts, commercial and open source tools

  • Ability to replicate the tactics, techniques, and procedures used by real-world threat actors

  • Experience in exploiting vulnerabilities

  • Ability to read, write and modify scripts

  • Experience with network reconnaissance and open source intelligence (OSINT) gathering

  • Experience with Social Engineering techniques such as spear phishing

  • Experience with OWASP

  • Experience with wireless penetration testing

  • Experience with password cracking

  • Ability to present technical findings to non-technical stakeholders

  • Ability to read and analyze network packet captures

  • Experience with firewall, router, and switch security

  • Knowledge of security best practices: NIST, CIS, Cisco, Juniper, Checkpoint, Microsoft, Unix/Linux, etc.

  • Preferred technology experience with the following:

  • Network Penetration Testing: Kali Linux, Metasploit, Mimikatz, PowerShell Empire, SET

  • Vulnerability Assessment: Nessus, Qualys, Nexpose, VAS

  • Application Security Penetration Testing: AppScan, Nikto, W3af, Vega, Wapiti, Burp Proxy, Grendel

  • Wireless Penetration Testing: Kismet, Aircrack, NetStumbler, hostapd, freeradius

  • AV evasion: Veil Evasion, Shellter Evasion.

  • Vulnerability Assessment: Nessus, Qualys, Nexpose

  • Database Testing: Scuba, SQLninja, AppDetectivePro, Havij, Mysqloit, SQLmap, etc.

  • Network Assessment: Nmap, Nipper, Wireshark, tcpdump

  • Password Cracking: John the Ripper, Medusa, Cain, rainbow tables, hashcat, Hydra, Cain and Abel

  • Scripting: Bash, Python, PowerShell, Gcode, Java, C++, C#, Perl


  • 2+ years in Red Team operations and/or Penetration Testing

  • BA/BS in information technology or related field, MS preferred

  • SANS GPEN, GXPN, OSCP, or OSCE required.

  • Scripting experience in at least one programming language such as Python or PowerShell

  • Knowledge of Active Directory concepts

  • Knowledge of Windows internals

  • Knowledge of *nix systems

  • Excellent verbal and written communication

  • Prior Big 4 or other consulting experience a plus

  • Willingness to travel 80%

  • Strong analytical skills

  • Strong team player with ability to take charge of their area of expertise

  • Strong initiative

  • Comfortable working outside their comfort zone with a willingness to learn

Preferred Qualifications:

  • Limited immigration sponsorship may be available

As used in this document, "Deloitte" means Deloitte LLP and its subsidiaries. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Deloitte will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws. See notices of various ban-the-box laws where available.

Requisition code: E20NATESPSMC004-RED
