Senior - Automated Cyber Attack Engineer
Madrid, España
Deloitte
Für unsere Kunden entwickeln wir integrierte Lösungen. Unsere Services umfassen Wirtschaftsprüfung, Steuerberatung, Financial Advisory und Consulting.
To join Deloitte is to participate in the transformation of leading national and international organisations. At Deloitte we are committed to making an impact on society, our clients and you.
Are you in?
Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.
As the Automated Cyber Attack Engineer you will perform tasks to identify vulnerabilities in Deloitte environments by simulating the attack paths and techniques likely to be used by malicious actors. You will drive simulation, prioritization, and remediation of high risk cybersecurity vulnerabilities with internal Deloitte teams.
What will your day-to-day be like?
- Create customized threat profiles to identify the latest adversarial tactics, techniques, and procedures (TTPs).
- Facilitate the configuration and placement of Automated attack simulation infrastructure with internal stakeholders.
- Establish and execute cyber exercises and partner with internal stakeholders to reduce risk.
- Overcome delivery challenges, including but not limited to; priority conflicts, business versus technology perspective, resource availability and engagement.
- Develop a roadmap of prioritized remediation activities to help address potential gaps, based on the criticality of findings and the organization’s specific threat profile.
- Analyze, update, and modify procedures and processes to identify and continuously implement BAS process improvements.
- Stay informed about the latest developments in the information security field.
What do we expect from you?
- Required:
- Bachelor’s Degree preferably in an information technology-related field.
- Minimum of 3 years of security systems engineering and troubleshooting experience.
- Understanding of cyber-based threat techniques and procedures to compare industry related events, exposures, and incidents.
- Understanding of the MITRE ATT&CK Framework and/or other cyber security threat based frameworks used to track adversaries and associated TTPs.
- Familiarity with key security events on common IT platforms.
- Experience collaborating with security technical experts and leaders to drive risk reduction.
- General networking, host, and security based troubleshooting (firewalls, routing, NAT, etc).
- Preferred:
- Experience working with breach and attack simulation (BAS) solutions.
- Red/Purple teaming experience.
- Security certifications are a bonus (CISSP, CISM, OSCP, Security +, etc).
- GIAC certifications beneficial.
- Familiarity with application, server, and network security.
- Familiarity with configuration and administration of enterprise SIEM tools.
What do we offer?
- You will have a hybrid-flexible working model.
- You will be eligible for a flexible remuneration system, medical service, health insurance, life insurance and accident insurance.
- You will have a training plan throughout your career.
- You will develop in a feedback culture where you will be encouraged to learn continuously.
- If you are interested, you will participate in national and international social action and volunteering programmes.
- You will enjoy a cultural and sporting offer.
Now the choice is yours! If you think this position is right for you, click 'Apply now' and complete your profile so we can assess your application. If you fit the profile, our recruitment team will contact you to get to know you.
From there we will guide you through our recruitment process and your Deloitte story will begin.
What impact will you make?
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISM CISSP Firewalls GIAC MITRE ATT&CK Network security OSCP SIEM TTPs Vulnerabilities
Perks/benefits: Flex hours Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs