Offensive Security | Director
Sydney, NSW, AU
Job Requisition ID: 40959
• Be part of market-leading projects with global scale and complexity
• Unlock everyday savings through our MyBenefits platform on retail, tech, travel and more
• Reimbursements for professional development and subsidised qualifications
What will your typical day look like?
You will leverage your passion for cybersecurity and people to help our clients address their key cyber risks and design cybersecurity solutions to protect their critical information assets through offensive security services. You will bring strategic thinking, communication, and interpersonal skills, which will enable you to engage at all levels of an organisation in relation to the cyber risk agenda.
You will coordinate a diverse and driven team to assist organisations with a wide range of offensive security services, sometimes in collaboration with the broader Cyber team on services such as cyber security strategy, threat and risk assessment, security design and implementation of solutions. As a director, you will lead teams to deliver offensive security projects and contribute to the culture of learning and impact within our cyber risk practice.
About the team
Positioned first globally in Security Consulting Services for the 7th year in a row. Yep, that’s Deloitte. Cyberspace is constantly evolving and so are the threats that it brings. That’s why our work is more meaningful (and exciting!) than ever. Always one step ahead, we predict risks and safeguard our clients through end-to-end solutions. More importantly, we help clients unlock new opportunities through safer and more secure systems and policies.
Enough about us, let’s talk about you.
You are someone with:
- 10-15 years of experience in penetration testing, red teaming, cyber incident detection and response, leading cyber transformation initiatives, managing cyber security functions or cyber risk consulting
- Proven ability to improve security posture of clients from people, process, and technology perspective.
- The ability to understand a client’s cyber posture, perform gap analysis, understand the regulatory & legal frameworks, prioritise offensive security services and know when to bring others into the conversation.
- The ability to think like a threat actor, understand threat actors’ TTPs and mobilise a team to simulate the threat actor in a client’s environment.
- The ability to think like a business executive, manage security team members and communicate effectively with key stakeholders.
- Develop relationships with key cyber focussed executives within client or potential client organisations as well as the local cyber community.
- The experience and technical expertise to understand the client’s offensive security requirements, accurately scope the testing, price the testing appropriately, pull together an engagement team with the right skills, oversee delivery of the engagement, perform QA of the deliverable, and close out the engagement internally and with the client.
- Utilise emerging technologies and tooling to deliver best of breed offensive security services to maximise value to our clients.
- Consulting to build security best practices; implementation of security measures to meet business goals, customer needs and regulatory requirements.
- Assist with business development through your relationships with clients and the ability to provide compelling business proposals.
- Demonstrated ability to identify risks associated with business processes, operations, technology projects and information security programs.
- Ability to develop project timelines that prioritise changes that provide greatest impact.
- Skills to drive appropriate security policies and procedure development.
- Experience or knowledge of industry frameworks such as PCI DSS, ISO27001, NIST and APRA Standards.
- Experience in leading / mentoring a team and coaching them to upskill.
- Proven ability to engage with stakeholders effectively at all levels of the organisation.
- Certifications such as CISSP, CISM, OSCP, OSEP, SANS or similar.
- Big 4 consulting experience looked upon favourably.
Why Deloitte?
At Deloitte, we focus our energy on interesting and impactful work. We’re always learning, innovating and setting the standard; making a positive difference to our clients and our society. We put coaching at the heart of what we do, helping our people grow their careers in any direction – whether it be up, moving into something new, or even moving across the world.
We embrace diversity, equity and inclusion. We have a diverse collection of people from different backgrounds, with different experiences, gender identities, abilities and thinking styles. What binds us together is a shared commitment to value everyone’s perspective and to cultivate inclusion, so that our work environment is a safe space where we can all belong.
We value in-person connection with our clients and our colleagues. We offer several ways for you to work flexibly so that you can serve your clients, stay connected with your team, and manage your personal priorities.
We help you live and work well. To support your personal and professional life, we offer a range of perks and benefits, including retail discounts, wellbeing leave, paid volunteering days, twelve flexible working options, market-leading parental leave and return to work support package.
Next Steps
Sound like the sort of role for you? Apply now, we’d love to hear from you!
By applying for this job, you’ll be assessed against the Deloitte Talent Standards. We’ve designed these standards so that you can grow in your career, and we can provide our clients with a consistent and exceptional Deloitte employee experience globally. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.