Red Team Service Delivery Lead
Chicago, IL

Job Description

Overview of the Role

Deloitte leads with purpose, solving complex issues for our clients and communities. Across disciplines and across borders, Deloitte Touche Tohmatsu Limited (DTTL) Global supports our network of national member firms by developing and driving global strategy, programs, and platforms, and creating new solutions and transformational experiences. Our people share a passion for igniting change and a strong service orientation that shapes our organization and those it supports.

The Deloitte Global Cybersecurity function is responsible for the firm's overall objectives of enhancing data protection, standardizing and securing critical infrastructure and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of cybersecurity services to Deloitte member firms through regional delivery hubs and a Global Fusion Center.

The Senior Cyber Security Tester reports to the Regional Technical Delivery Manager. The role focuses on the delivery of complex threat intelligence led technical operations to assess the effectiveness of policies, procedures, technical controls and staff awareness to security threats.

The role will be operational responsible for the assessment of threat intelligence sources, campaign planning, execution of technical exercises and integration of feedback into customer deliverables.

Responsibilities

Operational

* Deliver technical security testing across the following fields;
* Red Team Operations


* Software/Web Application/Web Services penetration testing


* Network Penetration Testing


* Mobile Application Penetration Testing


* Thick Client Penetration Testing




* Conducting focused research when not deployed on an active project


* Provide consultative guidance to customers on findings identified in a clear and actionable fashion both in writing and verbally


* Develop and maintain open source intelligence providers/processes


* Escalates key risks and issues to the Regional Technical Delivery Lead


* Assist in the continual improvement of service methodologies, processes, rules of engagements and customer deliverables



Relationship Management

* Work closely with the security operations center to enhance the deployment of security controls and operating procedures based on the outcome of technical security operations


* Work with the Cyber Project coordination function to deliver on customer requirements for the technical security operations


* Work closely with regional security operations centres to enhance



Expectations from the Professional

Our purpose is to make an impact that matters and our aspiration is to be the undisputed leader in professional services. At the root of these goals are our Shared Values, which describe the distinctive Deloitte culture. Our Values are timeless, all-encompassing and embrace the cultures in which Deloitte member firms operate. We expect all professionals to live our purpose and shared values and be the brand ambassadors holding Deloitte Global and member firms together.

Integrity

At Deloitte, everything we do starts with integrity. In our marketplace, nothing is more important than our reputation and, accordingly, we commit to conducting business with honesty, distinctive quality, and high levels of professional behavior.

Outstanding value to markets and clients

We play a critical role in helping both the capital markets and our member firm clients operate more effectively. We consider this role a privilege, and we know it requires constant vigilance and unrelenting commitment.

Commitment to each other

We are proud of our culture of borderless collegiality and work hard to support our people. We strive to create an inclusive environment that reflects our strong, clear expectations about diversity, respect, and fair treatment.

Strength from cultural diversity

Our member firm clients' business challenges are complex and benefit from the innovation and varied perspectives that our practitioners bring. We understand that working with people of different backgrounds, cultures, and thinking styles helps our people grow into better professionals and leaders.

#GLBShSecSvc

Education

* Bachelor's degree: degree in a technology-related field, or equivalent education-related experience


* Master's degree preferred



Work experience

* Minimum of 6 years of combined experience in the Cybersecurity domain with a focus on security testing and analysis


* Proven track record and experience at delivering the following;
* Threat intelligence based red team operations


* Penetration testing across diverse fields (e.g. Web Applications, infrastructure)


* Vulnerability analysis and research





Certification

* Cyber testing related certifications/designations, such as (Or equivalent):
* Offensive Security Certified Professional (OSCP)


* CREST


* Certified Ethical Hacker (CEH)


* GIAC Web Application Penetration Tester (GWAPT)




* Professional security management certification strongly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM



Skills/abilities

* Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels


* Knowledge and understanding of information security legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard


* Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework


* Experience interacting, presenting and working with C-level executives (CEO, CIO, etc.)


* Ability to travel as needed up to 20%


* Proficiency with typical technical tolling such as, Cobalt Strike, Burp, Nessus, Nmap, Censys and other common technical tools



All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site (jobs2.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at jobs2.deloitte.com

Requisition code: DE19EMAGTS006MB0590

*
*
*
*
*
*