Your opportunity
Cyber Risk & Security. Everybody's talking about it. Every major corporation is concerned by it. The Government is investing £1.9 billion in tackling it. We're shaping strategies and transforming technology to minimise it and we need you to join us. You'll build strong relationships within a Cyber practice with some 300 FTE extremely talented individuals. Our team brings together people who graduated in everything from Philosophy to Law, Maths and Computer Science. Join them and you will operate at the cutting edge, enjoying the kind of professional development that will set your potential free.
We are proud to offer flexible working arrangements which allow our people to choose the most suitable working arrangement that works for them. Whether this is working 4 days per week, taking the summer months off work, or more flexibility around your working pattern, we consider both formal and informal working arrangements that allow our people and our clients the best outcome.
Your role
- You will be a part of a dynamic team, delivering complex and exciting Red Team
- engagements across a wide array of clients and sectors.
- You will support our Red Team Leads throughout the Red Team lifecycle; helping to scope the work, support on the design and delivery of attack scenarios (including social engineering and phishing), through to report delivery and debriefing/wash-up meetings to present our findings to clients.
- You will produce reports that deliver valuable insights to reshape our client's thinking, providing root cause analysis of issues identified during the Red Team engagement, with recommendations to mitigate risk.
- Your role will involve client facing, hands-on delivery of Red Team engagements, and helping to build our Red Team capability through research and development. Every step of the way, we'll support you to deliver your best - giving you everything you need to reshape the cyber landscape across the UK and beyond.
- As a Manager focused on Cyber Attack within Risk Advisory, you will typically have responsibility for:
- You will work closely alongside our Red Team leads to scope Red Team engagements and design and plan attack scenarios based on emerging Threat Intelligence, and our deep knowledge of our client's businesses.
- You will support our Red Team leads on delivering attack scenarios, to achieve progress against agreed actions on objectives.
- You will produce high quality technical reports (including a non-technical summary), identifying the potential impact and exploitability of vulnerabilities identified (e.g. potential for financial and reputational damage), and providing recommendations on remediation activities to address the root causes of issues.
- You will actively contribute to building our Red Team capability, through research and development time.
- You will act as a SME, helping to prepare bids and win work.
- Your creative mindset will enable you to solve clients' issues whilst thinking around corners;
- You will bring innate ability to lead teams, inspire colleagues and act as a trusted business adviser;
- You will deliver cyber-related engagements with our clients, working seamlessly and collaboratively with colleagues and clients;
- You will contribute to the development of our teams by training and coaching;
- You will work effectively in diverse teams within an inclusive team culture where people are recognised for their contribution;
- You'll be contributing to the creation of new Cyber related services and the development of existing services;
- You'll be keen to increase the eminence of the Deloitte Cyber practice and engage with some high profile clients;
- You will have the willingness to learn and develop that Deloitte will encourage through training, mentoring and coaching options.
Your work, your choice
At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk. We carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. Please speak to your recruiter about the working pattern that works best for you.
Location: We are recruiting in Cheltenham Spa.
Suggested work pattern: Permanent full-time position, with an opportunity for some home working.
Your professional experience
- Desirable skills, qualifications and experience:
- Several years' industry experience (penetration testing and Red Team engagements).
- Qualifications - CREST Certified Simulated Attack Specialist (CCSAS), CCT Infrastructure, CTL, UK Security Clearance.
- Knowledge of .NET, PowerShell, VB, VBA, Python, C, C++, the ability to programme in some of the aforementioned.
- Good knowledge of Windows Active Directory with a specific focus on enumeration and privilege escalation in an enterprise environment.
- You should be comfortable working in a client facing position, with experience scoping, leading, and delivering large, and complex, penetration testing and Red Team engagements.
- Experience of working with Threat Intelligence teams on Red Team engagements is desirable.
- Knowledge of advanced Red Team techniques and tradecraft (including evading detection, payload delivery and obfuscation techniques).
- Experience of different command and control channels (e.g. DNS/HTTPS).
- Knowledge of Cobalt Strike is desirable.
- Experience of phishing and other social engineering techniques is desirable.
- Excellent written skills, with experience producing technical Red Team/penetration testing reports that communicate risks clearly and succinctly at all levels of an organisation.
- Excellent communication skills, with client facing experience and strong presentation skills.
- Commitment to quality and attention to detail.
- Willingness and desire to travel, to support our UK and global clients when required.
- Able to solve complex problems objectively individually and as part of a team;
- Excellent interpersonal skills and experience of developing strong relationships, either as a consultant or within an organisation.
Your service line: Risk Advisory
In Risk Advisory, our thinking and actions give clients, our people and society the confidence to succeed responsibly in a rapidly changing world. We don't just work with our clients to manage risk, we help them understand and grab the opportunities it presents too, helping them gain a competitive advantage. Our expertise and industry knowledge run deep here. At Deloitte, you'll find yourself working with some of the most inspiring and experienced colleagues and with clients who trust you to lead the way to smart choices, better control frameworks, and new systems, including bespoke solutions that have a direct impact on their bottom line.
Personal independence
Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm. The recruitment team will provide further detail as you progress through the recruitment process.
About Deloitte
Our Purpose & Strategy
To make an impact that matters for our clients, our people and society - defines who we are and what we stand for. Our purpose provides the foundation for our strategy and our aspiration to be the undisputed leader in professional services: this is not about size, it's about being the first choice. The first choice for the largest and most influential clients, and the first choice for the best talent.
What do we do?
Deloitte offers global integrated professional services that include Audit & Assurance, Consulting, Financial Advisory, Legal, Risk Advisory and Tax Consulting. Our approach combines intellectual leadership, industrial expertise, insight, consulting & problem solving capabilities whatever the role, technology revolutions and innovation from multiple disciplines to help our clients excel anywhere in the world.
Beyond the UK: Deloitte North and South Europe
The UK is part of Deloitte North and South Europe (NSE), the second largest member firm in the Deloitte network. Deloitte NSE combines operations in Belgium, Greece, Ireland, Italy, Malta, the Netherlands, the Nordics (Denmark, Finland, Iceland, Norway and Sweden), Switzerland and the UK. Deloitte NSE brings together 2,500 partners and over 40,000 people, combining our unmatched breadth and depth of capabilities in audit and assurance, consulting, financial advisory, risk advisory, and tax and legal across the region. Being part of Deloitte NSE supports our aspiration to be the undisputed leader in professional services and will create more opportunity and growth for our people.
What do we value?
What brings us all together at Deloitte? It's how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for maximum impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most.
Being a Leader at Deloitte
Cultural fit and purpose-led leadership is crucial for Deloitte. Our leaders always set the example and inspire their colleagues. They make quality time for people and take an interest in them. They know what matters to people - both inside and outside work - and value them as individuals; always finding opportunities to develop them while showing respect and appreciation.
We expect colleagues at all levels to embrace and live our purpose and our leadership culture by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. We know leadership comes in all shapes and sizes, but our Leadership Charter helps all of our people understand what we're looking for:
- We live our purpose: we act as a role model, embracing and living our purpose and values, and recognising others for the impact they make
- We develop talent: we develop high-performing people and teams through challenging and meaningful opportunities
- We drive performance: we deliver exceptional client service; maximise results and drive high performance from people while fostering collaboration across businesses and borders
- We believe positive influence can make an impact that matters: we influence clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people
- We move, together, towards a strategic direction: we understand key objectives for clients and Deloitte, aligning people to objectives and setting priorities and direction.
SLRSKA BACYBR
Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and its registered office at 1 New Street Square, London EC4A 3HQ, United Kingdom.
Deloitte LLP is the United Kingdom affiliate of Deloitte NSE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"). DTTL and each of its member firms are legally separate and independent entities. DTTL and Deloitte NSE LLP do not provide services to clients. Please see www.deloitte.com/about to learn more about our global network of member firms.
© 2019 Deloitte LLP. All rights reserved.
Requisition code: 173261
|
