Cyber - Penetration Testing & Vulnerability Assessment - Senior Consultant

Company Description

Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax, and related services. Our global network of member firms and related entities in more than 150 countries and territories (collectively, the “Deloitte organisation”) serves four out of five Fortune Global 500® companies. Learn how Deloitte makes an impact that matters at www.deloitte.com.

About the Division

The value that Deloitte Risk Advisory Africa creates for organisations is synonymous with operational excellence. Our five business areas work in unison to provide integrated solutions unique to the organisational requirements of any business.

In a world that is constantly changing, organisations need to adapt quickly to respond to new risks and take advantage of new opportunities. Deloitte's Risk Advisory practice advises organisations on how to effectively mitigate risk and make informed and intelligent risk decisions around business processes, technology, and operations. Click here to read more about our Risk Advisory practice.

Click here to see more about what our Cyber Risk team does.

Job Description

What you’ll do

Supports engagement team in delivery of offensive cyber security services to identify security weaknesses within client's IT environments, reporting on issues and making recommendations for their remediation.

Responsibilities

The work you perform will include:

• Perform vulnerability assessment and penetration testing
• Perform Web Application Security Assessments
• Perform Social Engineering Assessments
• Perform Red Teaming Exercises
• Perform technology configuration reviews
• Apply problem solving skills and deliver Deloitte methodology on engagements
• Develop excellent professional oral and written communication skills in order to establish working relationships with client personnel
• Develop professional skills in various technology risk / security and privacy domains
• Build industry knowledge to understand risk management issues relevant to that particular business
• Exercise professional judgment on engagements by providing proactive solutions and recommendations
• Provide recommendations for improved and enhanced business efficiency to clients

Your role as a leader

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Analyst, Consultant across our Firm are expected to:

• Demonstrate a strong commitment to personal learning and development.
• Understand how our daily work contributes to the priorities of the team and business.
• Understand the set expectations and demonstrate accountability in keeping personal performance on track.
• Actively focus on developing effective communications and relationship-building skills with stakeholders, clients and team.
• Demonstrate an appreciation for working with others.
• Understand what is fundamental to Deloitte’s success as a business.
• Demonstrate integrity and an awareness of strengths, differences, and personal impact.
• Develop their understanding of Deloitte and offer a fresh perspective.

Qualifications

Advantagous qualifications include:

• Bachelor degree or higher in Computer Engineering, Computer Science, Information Systems, Accounting Information Systems or other related fields
• CISSP, CISM, CSSLP, OSCP, CEH, GPEN or other security certifications

Experience:

• 2+ years working in-depth working experience within a penetration tester with a strong understanding and familiarity with common penetration testing methods and standards and vulnerability and threat management experience
• Must have experience of common network technologies, protocols and attacks
• Experience with exploitation frameworks (e.g., MetaSploit, Core Impact)
• Experience using common attack frameworks i.e. Cobalt Strike / Empire / PowerSploit or similar
• Experience with various security tools and products (Burp Suite, Nessus, Kali)
• Knowledge of operating systems (UNIX/Linux and Solaris, Windows) and of database management systems (Oracle, SQL Server, etc.) and web technologies (Java, PHP, ASP.NET, AJAX, etc.) and application security techniques and challenges
• Knowledge of the OWASP and OSSTMM methodologies
• Red team and cyber-attack simulation experience
• Knowledge of Social Engineering tools and techniques

Competencies

• Ability to work on multiple assignments and manage ambiguity
• Good analytical skill, communication and presentation skills with MS Office proficiency
• Ability to work both independently and as part of a team with professionals at all levels

Additional Information

At Deloitte, we want everyone to feel they can be themselves and to thrive at work—in every country, in everything we do, every day. We aim to create a workplace where everyone is treated fairly and with respect, including reasonable accommodation for persons with disabilities. We seek to create and leverage our diverse workforce to build an inclusive environment across the African continent.