Red Team Specialist

Be the true you

Simulate real-world cyber threats, develop innovative tradecraft, and execute covert operations in complex IT environments at Deloitte.

Benefits

• You will receive a profit-sharing bonus on top of your fixed salary.
• Continue professional growth by joining our development program.
• A work-from-home office setup allowance to make sure you have everything you need for an ergonomically designed workstation, plus an internet allowance.
• Work part-time (32 hours a week) or full-time (40 hours a week).

What's in it for you?

• In addition to a competitive salary, a share in our profits.
• An overtime arrangement that allows you to receive compensation for overtime.
• Great growth opportunities, depending on your ambitions and performance.
• A development program that helps you keep growing.
• Flexible working hours and the opportunity to work from home.
• 26 days of paid holiday annually, and the opportunity to purchase 15 additional holiday days annually.
• The opportunity to take a month of unpaid leave once annually.
• The possibility to go on sabbatical for at least 2 months.
• A good mobility scheme: choice between a company car with a fuel pass for Europe or the Mobility+ option or a gross cash option with which you arrange all your own transport or a public transport annual subscription.
• An iPhone, which is also for personal use.
• A laptop with a 4G connection.
• A good pension scheme.
• An opportunity to take part in our collective health insurance scheme.
• An opportunity to benefit from tax-efficient facilities, such as company fitness and a bicycle scheme.

About the role

You are an offensive security enthusiast, finding creative ways to break into highly secured environments and laterally move to obtain access to the most critical assets. You do all this staying under the radar of Blue Teams and sysadmins. You are keen on researching new techniques and developing solutions to reach your goals.

What you bring

• Mastered C2 frameworks like Mythic, Cobalt Strike, Brute Ratel, Nighthawk.
• A track record of obtaining initial footholds in mature enterprise environments.
• Experience evading Endpoint Detection and Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, Elastic, SentinelOne, and Trellix.
• Advanced knowledge of common enterprise technologies such as Active Directory and Azure/Entra ID.
• Programming experience in languages such as C/C++, C#, PowerShell, Python and bash.
• A creative mindset to the entire cyber kill chain from obtaining initial access to achieving objectives that align with organization-specific business risks (not just “Domain Admin”!).
• Conducted Red Team operations in complex environments, e.g., TIBER-EU, ART, CBEST.
• A passion for R&D with experience crafting your own tools and a drive to stay up-to-date with attack techniques and vulnerabilities.
• Worked proficiently with offensive tooling like Impacket, Mimikatz, Kekeo, BloodHound, Rubeus, socat and Sysinternals suite.
• Good communication skills and fluency in English.

Nice to have

• Relevant certifications (e.g., OSEP, OSED, OSEE, CRTO, CRTL, CRTE, CCRTS/CCSAS).
• Presented at security conferences or written technical blogs and whitepapers.

What impact will you make?

We take a proactive approach to strengthening organisational resilience through ethical hacking. As a Red Team specialist, you will work in a highly skilled team to perform Red Team exercises for our international clients. Using your offensive skills and experience, you will covertly breach our clients’ networks and provide recommendations to strengthen the client’s security posture. To sharpen your skills, you will perform research on the latest techniques and tools, join and share insights at our Deloitte Global Red Team knowledge exchange sessions.

How do you do this?

• Finding creative ways to obtain a foothold in a client's network.
• Applying an adversary mindset to simulate sophisticated actors and achieve project-specific objectives.
• Covertly traversing the network, avoiding detection.
• Performing research, developing your own tools, and sharpening your tradecraft.
• Sharing your research within the Deloitte Global Red Team community and with the broader security community, for example writing blogs, speaking at conferences, or publishing code.
• Turning security weaknesses into tailored and concrete recommendations which you will present to clients.
• Follow-up to Red Team exercises with Purple Team workshops to help our clients’ defensive teams to identify tactics, techniques, and procedures (TTPs) used by real-world adversaries.