Manager Offensive Security

5 months ago

Melbourne, Australia Deloitte Full time

Job Requisition ID: 34883 

About the role

As part of the Deloitte Offensive Security team, you'll be responsible for defining, carrying out, and overseeing penetration testing projects to uncover security vulnerabilities in client's IT systems. You will be required to report on the identified vulnerabilities and provide recommendations for their remediation. Additionally, you will play a crucial role in the team, and other members will look to you as a subject matter expert for guidance and mentorship.

In this role you will respond to client requests, anticipating and meeting client problems and needs using innovative approaches when applicable. You will be involved in all aspects of security and vulnerability management engagements which include but are not limited to:

  • Network and host layer penetration tests and vulnerability assessments
  • Firewall, networking, and security device reviews
  • Web application assessments
  • API assessments
  • Mobile application assessments
  • Red Teaming - targeting technical, physical and human layers of an organisation’s security controls.
  • Source code reviews using manual and automated tools.
  • Malware reverse engineering
  • Wireless Assessments
  • Closing meetings to present findings to the client.
  • Detailed reporting and proposal writing

About the team
Positioned first globally in Security Consulting Services for the 6th year in a row. Yep, that’s Deloitte. The cyberspace is constantly evolving and so are the threats that it brings. That’s why our work is more meaningful (and exciting) than ever. Always one step ahead, we predict risks and safeguard our clients through end-to-end solutions. More importantly, we help clients unlock new opportunities through safer and more secure systems and policies.

Enough about us, let’s talk about you.
We are currently looking for experienced Penetration Testers at Senior Analyst, Manager and Senior Manager levels with the following experience and qualifications:
•    Hold a current OSCP or CREST Certified Tester (CCT) in either Infrastructure or Web Applications or similar certification or be in a position and level to pass the exam for the certification
•    For more senior roles, experience in Red Team engagements. With a capability in line with the CORIE framework or similar (e.g. CBEST, TIBER)
•    Experience in working with applications that perform a wide range of business functions - ideally across multiple industries
•    Ability to understand and assess applications from both a technical and business function perspective
•    Good experience in performing web application penetration testing and development of supporting business and technical-level reporting
•    Innovative and analytical in your approach to performing penetration testing, particularly of novel devices and environments
•    Capable of working to strict deadlines and prioritising work appropriately
•    The ability to develop scripts or code to automate testing and develop bespoke attacks
•    Good communication skills with an ability to explain complex technical issues to non-technical business clients
•    Excellent written skills with demonstrated ability to write reports and proposals. Including the ability to discuss findings from a risk perspective with clear remediation advice specific to the client’s environment.

Experience in one or more of the following:
•    Reverse engineering
•    Web Applications
•    API’s and Microservices
•    Exploit Development
•    Application vulnerability assessment
•    Mainframe systems
•    Mobile platforms (iOS/Android/Windows/etc)
•    Social Engineering
•    Endpoint protection
•    Practical exposure to security appliances such as firewalls, proxies, NIPS/HIPS and network security applications
•    Working knowledge of web concepts such as Ajax, XML, SOAP, and WS-Security
•    Familiarity with the Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP) and National Institute of Standards and Technology (NIST) Special Publications.
•    Familiarity with penetration testing and vulnerability tools such as Cobalt Strike, Kali Linux, dsniff, nessus, nmap, MetaSploit, CoreImpact, Qualys, tcpdump, wireshark, Nikto, Aircrack-ng, Hailstorm, Burp Suite, etc.
•    Strong programming experience with Visual Basic and C/C++ or Java languages
•    Networking: LAN, WAN, interworking technologies
•    Good understanding of IaaS environments like Azure, AWS and GCP

Why Deloitte?
 

At Deloitte, we focus our energy on interesting and impactful work. We’re always learning, innovating and setting the standard; making a positive difference to our clients and our society. We put coaching at the heart of what we do, helping our people grow their careers in any direction – whether it be up, moving into something new, or even moving across the world.  

We embrace diversity, equity and inclusion. We have a diverse collection of people from different backgrounds, with different experiences, gender identities, abilities and thinking styles. What binds us together is a shared commitment to value everyone’s perspective and to cultivate inclusion; so that our work environment is a safe space we can all belong. 

We prioritise flexibility and choice. At Deloitte, you get trust on Day 1. We know our people get their best work done when they’re in control of where and how they work, designing their work week around their client, team and personal commitments.

We help you live and work well. To support your personal and professional life, we offer a range of perks and benefits, including retail discounts, wellbeing leave, paid volunteering days, twelve flexible working options, market-leading parental leave and return to work support package. 

Next Steps
Sound like the sort of role for you? Apply now.

By applying for this job, you’ll be assessed against the Deloitte Talent Standards. We’ve designed these standards so that you can grow in your career, and we can provide our clients with a consistent and exceptional Deloitte employee experience globally. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.

  • Offensive Security Managing Consultant

    4 weeks ago

    Melbourne, Victoria, Australia Triskele Labs Global Pty Full time

    Job Title: Offensive Security Managing ConsultantJoin Triskele Labs Global Pty as an Offensive Security Managing Consultant and take on a challenging role that combines team management and hands-on penetration testing.About the RoleThis hybrid position requires a unique blend of technical expertise and leadership skills. As an Offensive Security Managing...

  • Offensive Security Specialist

    2 months ago

    Port Melbourne, Australia Vero Insurance Full time

    Offensive Security EngineerAbout the RoleWe are seeking a highly skilled Offensive Security Engineer to join our Cyber Security team. As a key member of our Red Team, you will be responsible for designing, planning, and executing Red and Purple Team operations to enhance our overall security posture.Key ResponsibilitiesDesign and execute Red and Purple Team...

  • Manager Offensive Security

    5 months ago

    Melbourne, Australia Deloitte Full time

    Job Requisition ID:  34883  About the role As part of the Deloitte Offensive Security team, you'll be responsible for defining, carrying out, and overseeing penetration testing projects to uncover security vulnerabilities in client's IT systems. You will be required to report on the identified vulnerabilities and provide recommendations for their...

  • Full Time Senior ICT Security Specialist

    4 days ago

    Melbourne, Australia Triskele Labs Full time

    Full Time Senior ICT Security Specialist - Offensive Managing Consultant Triskele Labs Pty LtdMelbourne VIC 3000Salary $170,000.00 plus superannuationOverviewThe Full Time Senior ICT Security Specialist - Offensive Managing Consultant at Triskele Labs, based in Melbourne, will balance their time between team management (50%) and hands-on penetration testing...

  • Principal Security Architect

    3 weeks ago

    Melbourne, Victoria, Australia Amazon Full time

    Job SummaryWe are seeking an experienced Principal Security Engineer to join our Security team in Australia. As a key member of our team, you will be responsible for conducting both pre and post-launch testing, offensive campaigns, emergent threat testing, creating/maintaining automated threat emulation solutions, and helping security and service teams add...

  • Principal Security Engineer

    2 months ago

    Melbourne, Victoria, Australia IT M S Full time

    Job Title: Principal Security EngineerWe are seeking an experienced Principal Security Engineer to join our Security team in Australia. As a key member of our team, you will be responsible for conducting both pre and post-launch testing, offensive campaigns, emergent threat testing, creating/maintaining automated threat emulation solutions, and helping...

  • Principal Security Architect

    3 weeks ago

    Melbourne, Victoria, Australia IT M S Full time

    Job DescriptionWe are seeking an experienced Principal Security Engineer to join our Security team in Australia.As a key member of our team, you will be responsible for conducting both pre and post-launch testing, offensive campaigns, emergent threat testing, creating/maintaining automated threat emulation solutions, and helping security and service teams...

  • Security Site Manager

    4 weeks ago

    Melbourne, Victoria, Australia SOS Security Full time

    About UsSOS Security is a leading provider of security services, committed to upholding strong ethical values and ideals. We serve a diverse range of clients and strive to make a positive impact on the community.Job SummaryWe are seeking an experienced Security Site Manager to join our team. The successful candidate will be responsible for managing and...

  • Security Operations Manager

    3 months ago

    Melbourne, Australia Challenger Security Full time

    **Full Time Employment** **Competitive Salary plus a company car** **Join the Team at Challenger Security: Elevate Your Career in Security Excellence!** Welcome to Challenger Security, as a leader in the industry, we are renowned for delivering top-tier security services to our global clients. Our commitment to unwavering excellence has established us as...

  • Security Operations Manager

    3 weeks ago

    Melbourne, Victoria, Australia SOS Security Full time

    About UsSOS Security is a leading provider in the security industry, serving a vast range of high-level clients and upholding strong ethical values and ideals that guide our operational management and delivery.We are a social enterprise business, the first and only existing within the security industry, driven by a purpose to impact social change by...

  • Security Operations Manager

    1 month ago

    Melbourne, Victoria, Australia SOS Security Full time

    About UsSOS Security is a pioneering social enterprise in the security industry, dedicated to providing ethical security services while creating pathways to employment for individuals from disadvantaged backgrounds, particularly refugees and migrants. Our mission is to establish a strong presence in the security sector, offering sustainable employment...

  • Security Operations Manager

    4 weeks ago

    Melbourne, Victoria, Australia SOS Security Full time

    About UsSOS Security is a pioneering social enterprise in the security industry, dedicated to providing ethical security services while creating pathways to employment for individuals from disadvantaged backgrounds, particularly refugees and migrants. Our mission is to establish a strong presence in the security sector, offering sustainable employment...

  • Security Operations Manager

    2 weeks ago

    Melbourne, Victoria, Australia SOS Security Full time

    About UsSOS Security is a pioneering social enterprise in the security industry, dedicated to providing ethical security services while creating pathways to employment for individuals from disadvantaged backgrounds, particularly refugees and migrants. Our mission is to establish contracts across various sectors, including government and commercial, to offer...

  • Security Operations Manager

    3 weeks ago

    Melbourne, Victoria, Australia SOS Security Full time

    About UsSOS Security is a pioneering social enterprise in the security industry, dedicated to providing ethical security services while creating pathways to employment for individuals from disadvantaged backgrounds, particularly refugees and migrants. Our mission is to establish a strong presence in the security sector, offering sustainable employment...

  • Security Operations Manager

    4 weeks ago

    Melbourne, Victoria, Australia SOS Security Full time

    About UsSOS Security is a pioneering social enterprise in the security industry, dedicated to providing ethical security services while creating pathways to employment for individuals from disadvantaged backgrounds, particularly refugees and migrants. Our mission is to establish a strong presence in the security sector, offering sustainable employment...

  • Security Operations Manager

    4 weeks ago

    Melbourne, Victoria, Australia SOS Security Full time

    About UsSOS Security is a pioneering social enterprise in the security industry, dedicated to providing ethical security services while creating pathways to employment for individuals from disadvantaged backgrounds, particularly refugees and migrants. Our mission is to establish a strong presence in the security sector, offering sustainable employment...

  • Security Operations Manager

    3 weeks ago

    Melbourne, Victoria, Australia SOS Security Full time

    About UsSOS Security is a social enterprise that provides ethical security services while creating pathways to employment for those from disadvantage. We offer security guard work in various settings and aim to establish contracts across sectors, including government and commercial.About the RoleThe Security Control and Response Officer is a senior security...

  • Security Operations Manager

    3 weeks ago

    Melbourne, Victoria, Australia SOS Security Full time

    About Us :SOS Security is a social enterprise that operates within the security industry, providing ethical security services while creating pathways to employment for those from disadvantage. Our mission is to establish contracts across various sectors, including government and commercial, to offer full-time sustainable employment opportunities.About You :A...

  • Security Operations Manager

    2 weeks ago

    Melbourne, Victoria, Australia SOS Security Full time

    About Us :SOS Security is a social enterprise that operates within the security industry, providing ethical security services while creating pathways to employment for those from disadvantage. Our mission is to establish contracts across various sectors, including government and commercial, to offer full-time sustainable employment opportunities.About You :A...

  • Security Architect

    4 weeks ago

    Melbourne, Victoria, Australia Sinch Full time

    Sinch Security Engineer Job DescriptionSinch, the Customer Communications Cloud, is seeking a highly skilled Security Engineer to join our global team. As a Security Engineer, you will play a critical role in designing, implementing, and maintaining security protocols to safeguard sensitive information, such as customer data and company intellectual...