Red Team Specialist

Simulate real-world cyber threats, develop innovative tradecraft, and execute covert operations in complex IT environments at Deloitte.

Benefits

• You’ll receive a profit-sharing bonus on top of your fixed salary.
• Continuous professional growth through our development program.
• A work-from-home office setup allowance to ensure you have everything you need for an ergonomically designed workstation, plus internet allowance.
• The option to work part-time or full-time.

What impact will you make?

We take a proactive approach to strengthening organisational resilience through ethical hacking. As a Red Team specialist, you will work in a highly skilled team to perform Red Team exercises for international clients. Using your offensive skills and experience, you will covertly breach client networks and provide recommendations to strengthen the client’s security posture. To sharpen your skills, you will research the latest techniques and tools and join Deloitte Global Red Team knowledge exchange sessions.

How do you do this?

• Finding creative ways to obtain a foothold in a client's network.
• Applying an adversary mindset to simulate sophisticated actors and achieve project-specific objectives.
• Covertly traversing the network while avoiding detection.
• Performing research, developing your own tools, and sharpening your tradecraft.
• Sharing your research within the Deloitte Global Red Team community and with the broader security community, for example by writing blogs, speaking at conferences, or publishing code.
• Turning security weaknesses into tailored and concrete recommendations and presenting them to clients.
• Following up Red Team exercises with Purple Team workshops to help clients’ defensive teams identify tactics, techniques, and procedures (TTPs) used by real-world adversaries.

You are an offensive security enthusiast who finds creative ways to break into highly secured environments and laterally move to obtain access to the most critical assets, while staying under the radar of Blue Teams and system administrators. You are keen on researching new techniques and developing solutions to reach your goals. For this role, you also have:

• Mastered C2 frameworks like Mythic, Cobalt Strike, Brute Ratel, and Nighthawk.
• A track record of obtaining initial footholds in mature enterprise environments.
• Experience evading Endpoint Detection and Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, Elastic, SentinelOne, and Trellix.
• Advanced knowledge of common enterprise technologies such as Active Directory and Azure/Entra ID.
• Programming experience in languages such as C/C++, C#, PowerShell, Python, and bash.
• A creative mindset across the entire cyber kill chain, from obtaining initial access to achieving objectives aligned with organisation-specific business risks.
• Conducted Red Team operations in complex environments, such as TIBER-EU, ART, and CBEST.
• A passion for R&D, experience crafting your own tools, and a drive to stay up to date with attack techniques and vulnerabilities.
• Worked proficiently with offensive tooling like Impacket, Mimikatz, Kekeo, BloodHound, Rubeus, socat, and the Sysinternals suite.
• Good communication skills and fluency in English.
• While not mandatory, relevant certifications can be an advantage, such as OSEP, OSED, OSEE, CRTO, CRTL, CRTE, and CCRTS/CCSAS.
• It’s a plus if you have presented at security conferences or written technical blogs and whitepapers.