Deloitte Jobs

Job Information

Deloitte PenTester in Richmond, Virginia

Are you looking to elevate your cyber career? Your technical skills? Your opportunity for growth? Deloitte's Government and Public Services Cyber Practice (GPS Cyber Practice) is the place for you! Our GPS Cyber Practice helps organizations create a cyber minded culture and become stronger, faster, and more innovative. You will become part of a team that advises, implements, and manages solutions across five verticals: Strategy, Defense and Response; Identity; Infrastructure; Data; and Application Security. Our dynamic team offers opportunities to work with cutting-edge cyber security tools and grow both vertically and horizontally at an accelerated rate. Join our cyber team and elevate your career.

Work you'll do

  • Support clients with data protection, IoT, and overarching cloud capabilities.

  • Implement core and cloud infrastructure security to manage risks and exposure.

  • Perform cyber reconnaissance to illuminate a potential attack surface area.

  • Provide threat and vulnerability management to federal clients and teams.

  • Analyze tactical network architectures and topologies to assess security risks.

    • Be on the front lines with our clients supporting them with their cloud and Adversarial Simulation security needs.
  • Work with our Adversarial Simulation team to provide attack-oriented professional services such as (but not limited to): Red/Purple Team Operations, Penetration Testing, Breach and Attack Simulations, Cloud Penetration Testing, Social Engineering, and a variety of ad-hoc custom assessments to address unique information security concerns for clients.

  • Deliver professional services, including but not limited to Red Team Assessments, Purple Team Assessments, Network Penetration Tests, Wireless Security Assessments, Onsite and Remote Social Engineering, and a variety of custom assessments

  • Create and write comprehensive assessment reports that are technical and managerial to describe the engagement, scope, risks, and remediation recommendations

  • Develop marketing materials and participate in marketing activities such as creating research, speaking at conferences, authoring materials and presenting thought leadership

  • Knowledge of security testing frameworks and standards such as OSSTMM, OWASP, NIST SP 800-115, Lockheed Martin's Kill Chain, and MITRE ATT&CK

  • Use automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet the rapidly changing needs of our clients

The team

Deloitte's Government and Public Services (GPS) practice - our people, ideas, technology and outcomes-is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of more than 15,000 professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise

At Deloitte, we believe cyber is about starting things-not stopping them-and enabling the freedom to create a more secure future. Cyber Infrastructure is focused on rethinking how security is integrated across modernized infrastructure as cyber threats become more complex. If you're seeking a career implementing, architecting, and-in select cases-handling next generation controls to manage security risks and exposure, then the Cyber Infrastructure team at Deloitte is for you.

Qualifications

Required:

  • Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

  • Must be able to obtain and maintain the required clearance for this role

  • Travel up to 10%

  • Experience using cyber reconnaissance to support a federal client

  • Experience working with cloud infrastructure

    • 4+ years combined in IT and information security experience
  • 2+ years of experience performing offensive/attack-oriented security assessments

  • 2+ years of experience in an enterprise-level customer delivery services role

  • Experience with various public cloud components and architectures with Azure / AWS strongly preferred.

  • Experience in evading security detection controls

Preferred:

  • Prior professional services or federal consulting experience

  • Previous Security Operations Center experience

  • Experience in mobile and endpoint security

  • Certifications (e.g., CompTIA Security+, CEH, CISSP)

How you'll grow

At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

cyberoperate21

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

DirectEmployers