Deloitte Jobs

Job Information

Deloitte Specialist Master: Attack Surface Management / Offensive in Orlando, Florida

Cyber & Strategic Risk, Attack Surface Management / Offensive Security

Are you interested in improving the cyber and organizational risk profiles of leading companies? Do you want to be involved in designing attack surface focused Cyber security solutions for our clients? Are you excited about shaping security requirements and solutions for clients based on rapidly changing technology advancements, emerging regulatory and compliance requirements, and the fast-paced nature of security threats?

Our Attack Surface Management and Offensive security teams bring together advanced cloud-based technologies and leading practices to assist our clients, understand, assess, and reduce their attack surface. We help clients analyze, assess, improve, and operate attack surface and offensive security capabilities, ensuring that threats to the organization are identified and addressed in a timely and risk prioritized way. Digital Identity brings together advanced cloud-based technologies and leading practices to deliver pre-built identity management use cases that accelerate deployment and time to value for clients. We help clients sustain, transform, and evolve their identity management capabilities, ensuring that the right people (employees and third parties) have the right access at the right time.

Work you'll do

As a Specialist Master you will be on the forefront of client solution and service design within our Attack Surface Management and Offensive Security Practice . You should possess a deep understanding of attack surface operations ( i.e vulnerability management, digital presence discovery, patch and config uration management capabilities) and Offensive Security (i.e red teaming, purple teaming, breach attack simulation, penetration testing) and familiarity of technologies such as Qualys, Tenable, Kenna Security, SafeBreach, ServiceNow Security Operations, Rapid7, Okta, SailPoint, ForgeRock, CyberArk, AWS, Saviynt, Azure, GCP, Transmit Sec, and BeyondTrust .

Specialist Master responsibilities include:

  • Participate in development and delivery of client pursuit materials such proposals, RFP responses, statements of work, discussion decks, as well as execution of sales/pursuit meetings

  • Determine scope of services for pursuits based on client proposals or conversations

  • Create client pursuit materials in Word, PowerPoint, and Excel to share Deloitte's capabilities, experience, and qualifications

  • Manage technical scoping and solution communications with account teams, vendors, 3rd party service providers, Deloitte leadership, and client personnel, where needed, during the pursuit process

  • Act as the primary technical interface between the engagement team service leads for all in-scope services

  • Identify and develop opportunities to provide new and expanded services

  • Demonstrate ability to manage multiple pursuits across the Attack Surface Management and Offensive Security Digital Identity service portfolio

    Solution Development:

  • Seek opportunities and offer guidance on how to improve the sales methodology including owning and driving internal improvement initiatives

  • Prepare, produce, and deliver materials used for reporting on opportunities and sales

  • Analyze opportunity and sales data for insights and trends to shape future solution design

  • Analyze complex issues to determine impact and to suggest alternative solutions based on client needs and objectives

    Required Qualifications:

  • 5+ years working in security information and/or technology engineering support experience

  • Ability to translate client requirements into solution design that can be delivered by the Digital Identity team Attack Surface and Offensive Security teams, who you work as part of

  • Highly proficient in Microsoft applications including PowerPoint, Word, and Excel

  • Excellent interpersonal and organizational skills

  • Excellent oral and written communication skills

  • Experience with attack surface management and offensive security identity technologies such as Qualys, Tenable, Kenna Security, SafeBreach, ServiceNow, Rapid7 Okta, SailPoint, ForgeRock, CyberArk, AWS, Saviynt, Azure, GCP, Transmit Sec, and BeyondTrust

  • Basic knowledge in system security architecture and security solutions

  • Travel required up to 25%, varying based on client coverage

  • Limited Sponsorship may be available


  • Strong understanding of understanding of the attack surface and offensive security market, including knowledge of vulnerability management, application security, penetration testing, threat intelligence, red teaming, breach attack surface and other automated attack techniques. Security Assessments, such as NIST CSP

  • Bachelor of Science with a concentration in computer science, information systems, information security, cloud security, identity, decision sciences, risk management, engineering (mechanical, electrical, industrial) or other business/technology disciplines or equivalent work experience

  • Strong understanding of threat analysis and enterprise level risk mitigation strategies

  • Working knowledge of operating systems and networking technologies in general

  • Working knowledge of cyber threats, defenses, motivations and techniques

  • Strong analytical and problem-solving skills

  • Creative design skills across Microsoft application suite

  • Self-motivated to improve knowledge and skills

  • A strong desire to understand the what as well as the why and the how of security incidents

  • Certified Information Systems Security Professional (CISSP)

    All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.