About Deloitte & Touche
Deloitte & Touche LLP's ("Deloitte & Touche's") Risk and Financial Advisory business has a mature risk-based approach, experienced professionals, comprehensive methodologies, and highly technical resources. Deloitte & Touche's services combine competency and experience in the areas of financial reporting, risk management, and compliance.
In the world of professional services, the strength of Deloitte & Touche can be seen by the quality of our clients, which include leading companies across many different industries. With several years in business, Deloitte & Touche has built a reputation for quality and trust and has helped many clients navigate a wide range of challenges. To help our clients succeed, we look beyond tactical information security issues, focusing on how information security mitigates risk, impacts the business and how this aligns with or distracts from company goals. We are able to do this because our highly qualified professionals are passionate about information security and bring real-world knowledge and experience to our clients.
As a leader in Information Security, it is not surprising that our Threat and Vulnerability Management Adversarial Simulation group is experiencing rapid growth. This is due to the success of and demand for our highly innovative services in the areas of security assessment, social engineering, advanced threat defense, application security and forensics, etc. These services are shaping how our clients manage today's advanced security threats and have the potential to set the standard for the future.
As it becomes increasingly difficult to detect infiltrations and unauthorized activity, organizations need to be prepared for the highly sophisticated attacks they may face. Our Adversarial Simulation service professionals leverage deep experience with attack simulation to help clients qualify and quantify the risk and impact of vulnerabilities across the attack surface including people, processes, and implemented technologies. Our team provides expertise in the areas of red teaming, penetration testing, attack simulation automation, vulnerability assessment, and attack threat profiling.
Sophisticated attacks look further than the Cyber aspects to identify weak links to confidential information. These links often remain unidentified by regular tests. "Red Team Operations" allow an organization to assess the Cyber readiness and awareness through scenario based controlled incidents.
Red Teaming goes above and beyond vulnerability testing, as it takes all components within the organization in scope and has a realistic scenario-based approach. It enhances Testing, GRC and Audit work. We are looking for experienced security professionals for our Threat and Vulnerability Management Adversarial Simulation group. For the past 15 years, Deloitte & Touche has had a successful practice helping Fortune 500 clients perform vulnerability assessments, penetration testing, and adversarial simulation (red team operations) in order to identify potential security issues before they are exploited by the adversary. Due to the sensitive nature of this type of testing, many clients have come to rely on Deloitte & Touche based on the reputation for professionalism, capability and quality that Deloitte & Touche has earned. Our security testing services have evolved, expanding beyond traditional network and application security testing to new testing techniques and models to deal with and identify advanced security attacks.
As a Red Team Operator, you will work together with a highly skilled and trained team in Red Team engagements for our clients. In these engagements, you will work to achieve specific objectives by covertly breaching the client's network. We expect our operators to achieve these objectives as quietly as possible without raising alarms that result in detection by Blue Teams. Often, there are physical security objectives that must be met to gain access to the network at a client site. Since no environment is the same, we expect our Red Team Operators to be up-to-date with the latest exploits and potential attack strategies. The results of an exploit must be anticipated by the operator to prevent stability and availability issues to the environment. Our Red Team Operators almost exclusively test in Production environments. Furthermore, we expect you to be able to turn observations and weaknesses into specific, concrete improvement points. Periodically, you can also be asked to take part in traditional penetration testing assessments.
Perform red team assessments including physical, social engineering, and network exploitation
Perform internal and external penetration testing of network infrastructure and applications
Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases
Perform network reconnaissance, OSINT, social engineering, and physical security reviews
Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards
Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
Understand clients' business environment and basic risk management approaches
Demonstrate a general knowledge of market trends, competitor activities, Deloitte & Touche products and service lines
Generate innovative ideas and challenge the status quo
Build and nurture positive working relationships with clients with the intention to exceed client expectations
Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
Participate in and actively support mentoring relationships within practice
Ability to perform red team assessments and penetration testing using manual testing techniques, scripts, commercial and open source tools
Ability to replicate the tactics, techniques, and procedures used by real-world threat actors
Experience in exploiting vulnerabilities
Ability to read, write and modify scripts
Experience with network reconnaissance and open source intelligence (OSINT) gathering
Experience with Social Engineering techniques such as spear phishing
Experience with OWASP
Experience with wireless penetration testing
Experience with password cracking
Ability to present technical findings to non-technical stakeholder
Ability to read and analyze network packet captures
Experience with firewall, router, and switch security
Knowledge of security best practices: NIST, CIS, Cisco, Juniper, Checkpoint, Microsoft, Unix/Linux, etc
Preferred technology experience with the following:
Network Penetration Testing: Kali Linux, Metasploit, Mimikatz, Powershell Empire, SET
Vulnerability Assessment: Nessus, Qualys, Nexpose, VAS
Application Security Penetration testing: Appscan, Nikto, W3af, Vega, Wapiti, Burp proxy, Grendal
Wireless Penetration Testing: Kismet, Aircrack, netstumbler, hostapd, freeradius,
AV evasion: Veil Evasion, Shellter Evasion.
Vulnerability Assessment: Nessus, Qualys, Nexpose
Database Testing: Scuba, SQLninja, AppDetectivePro, Havij, Mysqloit, SQLmap, etc
Network Assessment: NMAP, Nipper, Wireshark, TCPdump
Password Cracking: John the Ripper, Medusa, Cain, rainbow tables, hashcat, Hydra, Cain and Able.
Scripting: Bash, Python, Powershell, Gcode, Java, C++, C#, Perl
2+ years in Red Team operations and/or Penetration Testing
BA/BS in information technology or related field, MS preferred
SANS GPEN, GXPN, OSCP, or OSCE required.
Scripting experience in at least one programming language such as Python or PowerShell
Knowledge of Active Directory concepts
Knowledge of Windows internals
Knowledge of *nix systems
Excellent verbal and written communication
Prior Big 4 or other consulting experience a plus
Willingness to travel 80%
Strong analytical skills
Strong team player with ability to take charge of their area of expertise
Comfortable working outside their comfort zone with a willingness to learn
As used in this document, "Deloitte" means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Deloitte will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws. See notices of various ban-the-box laws where available. https://www2.deloitte.com/us/en/pages/careers/articles/ban-the-box-notices.html
Requisition code: E20NATESPSMC004-RED
Deloitte & Touche L.L.P.