Senior Offensive Security Specialist
- Full-time
- Job type: Permanent
- Educational level: Bachelor (HBO/WO)
- Office: Amsterdam
Company Description
Help improving cyber resilience of our clients by engineering, hacking and emulating real-world threats against challenging IT environments. At Deloitte.
Job Description
- finding creative ways to exploit the client's applications and infrastructure;
- applying hacker's mindset to bypass protections and identify cracks within target systems;
- providing clients with technical recommendations that match their situation and environment;
- turning security weaknesses into tailored and concrete recommendations which you will present to clients and provide hands-on support to help clients with improving their security posture
- performing offensive research on new technologies and developing methodologies to evaluate the security of the setup and configuration;
- sharing your research within the Deloitte Global Offensive Security community and with the broader security community, for example writing blogs, speaking at conferences, or publishing code.
Qualifications
You have a passion for offensive security, finding creative ways to break into highly secured environments identifying ways around defenses. Moreover, in case you run into new types of environments or technologies you are able to develop new tools and techniques to reach your objective. For the role of Senior Offensive Security specialist, you also have:
- a Computer Science degree or similar;
- a passion for offensive security and a drive to stay up-to-date with current exploits, attack techniques and new vulnerabilities;
- experience with the protocols at the various layers of the OSI model, think of: ARP, PPP, IPsec, IP, TCP, UDP, ICMP, TLS, SOCKS, ASCII, UTF-8, Base64, CRC, HTTP, QUIC, SMB, etc.;
- experience with web application security testing, using Burp exploiting SQL injection, file inclusion and HTTP request smuggling vulnerabilities, including experience with scripting to automate repetitive tasks;
- experience with complex infrastructures, both from an engineering and offensive perspective, evaluating possible entry points at the different layers of the protocol stack and exploiting those to get a foothold in the client's network and laterally move;
- experience evaluating the security of Windows and Linux operating systems and [Azure] Active Directory environments identifying possible escalation paths and security misconfigurations;
- relevant security certifications are preferred, some examples: OSCP, OSEP, OSWE, eCPTX, eWPTX, GXPN, etc.;
- excellent communication skills and fluency in written and spoken English.
Additional Information
As a Senior Offensive Security Specialist, you will work in a highly skilled team to perform challenging security tests for our international clients. Using your offensive and engineering skills you will exploit our clients’ networks, perform tactical network exploitation (TNE) and provide hands-on support to strengthen the client’s security posture. To sharpen your skills, you will join the periodic Deloitte Global Offensive Security community knowledge exchange sessions, follow trainings and perform research on the latest techniques and tools.
By clicking the link above or any third-party link within this posting, you are leaving this site and going to a third-party website where the third-party website's terms and privacy policy apply