Senior Manager | Offensive Security | Adelaide

Add expected salary to your profile for insights

Salary packaging - to suit your personal and financial circumstances

Flexible work arrangements - work in a way that suits you best

Rewards platform - your hard work won't go unnoticed at Deloitte

About the role

As part of the Deloitte Offensive Security team, you'll be responsible for defining, carrying out, and overseeing penetration testing projects to uncover security vulnerabilities in client's IT systems. You will be required to report on the identified vulnerabilities and provide recommendations for their remediation. Additionally, you will play a crucial role in the team, and other members will look to you as a subject matter expert for guidance and mentorship.

In this role you will respond to client requests, anticipating and meeting client problems and needs using innovative approaches when applicable. You will be involved in all aspects of security and vulnerability management engagements which include but are not limited to:

Network and host layer penetration tests and vulnerability assessments

Firewall, networking, and security device reviews

API assessments

Mobile application assessments

Red Teaming - targeting technical, physical and human layers of an organisation's security controls.

Source code reviews using manual and automated tools.

Malware reverse engineering

Wireless Assessments

Closing meetings to present findings to the client.

Detailed reporting and proposal writing

About the team

Positioned first globally in Security Consulting Services for the 6th year in a row. Yep, that's Deloitte. The cyberspace is constantly evolving and so are the threats that it brings. That's why our work is more meaningful (and exciting!) than ever. Always one step ahead, we predict risks and safeguard our clients through end-to-end solutions. More importantly, we help clients unlock new opportunities through safer and more secure systems and policies.

Enough about us, let's talk about you.

We are currently looking for experienced Penetration Testers at Senior Analyst, Manager and Senior Manager levels with the following experience and qualifications:

Hold a current OSCP or CREST Certified Tester (CCT) in either Infrastructure or Web Applications or similar certification or be in a position and level to pass the exam for the certification

For more senior roles, experience in Red Team engagements. With a capability in line with the CORIE framework or similar (e.g. CBEST, TIBER)
Experience in working with applications that perform a wide range of business functions - ideally across multiple industries

Ability to understand and assess applications from both a technical and business function perspective

Good experience in performing web application penetration testing and development of supporting business and technical-level reporting

Innovative and analytical in your approach to performing penetration testing, particularly of novel devices and environments

Capable of working to strict deadlines and prioritising work appropriately

The ability to develop scripts or code to automate testing and develop bespoke attacks

Good communication skills with an ability to explain complex technical issues to non-technical business clients

Excellent written skills with demonstrated ability to write reports and proposals. Including the ability to discuss findings from a risk perspective with clear remediation advice specific to the client's environment.

Experience in one or more of the following:

Web Applications

API's and Microservices

Application vulnerability assessment

Mainframe systems

Endpoint protection

Practical exposure to security appliances such as firewalls, proxies, NIPS/HIPS and network security applications

Working knowledge of web concepts such as Ajax, XML, SOAP, and WS-Security

Familiarity with the Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP) and National Institute of Standards and Technology (NIST) Special Publications.

Familiarity with penetration testing and vulnerability tools such as Cobalt Strike, Kali Linux, dsniff, nessus, nmap, MetaSploit, CoreImpact, Qualys, tcpdump, wireshark, Nikto, Aircrack-ng, Hailstorm, Burp Suite, etc.

Strong programming experience with Visual Basic and C/C++ or Java languages

Networking: LAN, WAN, interworking technologies

Good understanding of IaaS environments like Azure, AWS and GCP

At Deloitte, we focus our energy on interesting and impactful work.We're always learning, innovating and setting the standard; making a positive difference to our clients and our society. We putcoaching at the heart of what we do, helping our people grow their careers in any direction - whether it be up, moving into something new, or even moving across the world.

We embrace diversity, equity and inclusion.We have a diverse collection of people from differentbackgrounds, with different experiences, gender identities, abilitiesandthinking styles. What binds us together is a shared commitment tovalueeveryone'sperspectiveand to cultivate inclusion; so that our work environment is a safe space we can all belong.

We prioritise flexibility and choice.At Deloitte, you get trust on Day 1.We know our people get their best work done when they're in control of where and how they work, designing their work week around their client, team and personal commitments.

We help you live and work well.To support your personal and professional life, we offer a range ofperks and benefits, including retail discounts, wellbeingleave, paid volunteering days, twelveflexible working options, market-leading parental leave and return to work support package.

Next StepsSound like the sort of role for you? Apply now.

Salary match Number of applicants Skills match

Consulting & Strategy More than 10,000 employees

We live in a world that’s constantly shifting and changing. Now, more than ever, we're making an impact that matters.

We're coming up with all kinds of imaginative ways to solve Australia's biggest challenges, through curiosity and a culture of possibility.

Our people get to work with complexity and ambiguity every day, creating a truly diverse array of skills and perspectives that enable us to design the most impactful ideas out there. We lead in audit and assurance, consulting, tax and legal, financial and risk advisory services.

Whether you’re a disruptor, a creator or decision-maker – your green dot is what you make of it.

We live in a world that’s constantly shifting and changing. Now, more than ever, we're making an impact that matters.

We're coming up with all kinds of imaginative ways to solve Australia's biggest challenges, through curiosity and a culture of possibility.

Our people get to work with complexity and ambiguity every day, creating a truly diverse array of skills and perspectives that enable us to design the most impactful ideas out there. We lead in audit and assurance, consulting, tax and legal, financial and risk advisory services.

Whether you’re a disruptor, a creator or decision-maker – your green dot is what you make of it.

To help fast track investigation, please include here any other relevant details that prompted you to report this job ad as fraudulent / misleading / discriminatory.