Senior - Automated Cyber Attack Engineer

To join Deloitte is to participate in the transformation of leading national and international organisations. At Deloitte we are committed to making an impact on society, our clients and you.

Are you in?

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

As the Automated Cyber Attack Engineer you will perform tasks to identify vulnerabilities in Deloitte environments by simulating the attack paths and techniques likely to be used by malicious actors. You will drive simulation, prioritization, and remediation of high risk cybersecurity vulnerabilities with internal Deloitte teams. 

What will your day-to-day be like?

• Create customized threat profiles to identify the latest adversarial tactics, techniques, and procedures (TTPs).
• Facilitate the configuration and placement of Automated attack simulation infrastructure with internal stakeholders.
• Establish and execute cyber exercises and partner with internal stakeholders to reduce risk.
• Overcome delivery challenges, including but not limited to; priority conflicts, business versus technology perspective, resource availability and engagement.
• Develop a roadmap of prioritized remediation activities to help address potential gaps, based on the criticality of findings and the organization’s specific threat profile.
• Analyze, update, and modify procedures and processes to identify and continuously implement BAS process improvements.
• Stay informed about the latest developments in the information security field.

What do we expect from you?

• Required:
  • Bachelor’s Degree preferably in an information technology-related field.
  • Minimum of 3 years of security systems engineering and troubleshooting experience.
  • Understanding of cyber-based threat techniques and procedures to compare industry related events, exposures, and incidents.
  • Understanding of the MITRE ATT&CK Framework and/or other cyber security threat based frameworks used to track adversaries and associated TTPs.
  • Familiarity with key security events on common IT platforms.
  • Experience collaborating with security technical experts and leaders to drive risk reduction.
  • General networking, host, and security based troubleshooting (firewalls, routing, NAT, etc).

• Preferred:
  • Experience working with breach and attack simulation (BAS) solutions.
  • Red/Purple teaming experience.
  • Security certifications are a bonus (CISSP, CISM, OSCP, Security +, etc).
  • GIAC certifications beneficial.
  • Familiarity with application, server, and network security.
  • Familiarity with configuration and administration of enterprise SIEM tools.

What do we offer?

• You will have a hybrid-flexible working model.
• You will be eligible for a flexible remuneration system, medical service, health insurance, life insurance and accident insurance.
• You will have a training plan throughout your career.
• You will develop in a feedback culture where you will be encouraged to learn continuously.
• If you are interested, you will participate in national and international social action and volunteering programmes.
• You will enjoy a cultural and sporting offer.

Now the choice is yours! If you think this position is right for you, click 'Apply now' and complete your profile so we can assess your application. If you fit the profile, our recruitment team will contact you to get to know you.

From there we will guide you through our recruitment process and your Deloitte story will begin.

What impact will you make?