Red Team Operator

Job Requisition ID: 35802 

• Work in a highly innovative and transformative business
• Mentoring, growth and training – receive support and coaching to progress your career
• Preventive and supportive mental health initiatives

What will your typical day look like?  

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

Key Role Responsibilities:

• Deliver red team campaigns by:
  • Performing intelligence gathering against target networks, people, processes, and technologies.
  • Finding creative ways to obtain a foothold in a target network.
  • Delivering malware and establishing command and control (C2).
  • Moving stealthily within target networks, satisfying the campaign objectives, while staying undetected by the blue teams.
  • Establishing persistence and strategically tuning long-haul beacons to maintain long-term footholds where necessary.
  • Perform a wide variety of tasks, as needed, to ensure Red Team campaign success.
  • Maintaining in-depth documentation and auditing of actions taken during Red Team operations, at all times, for the purposes of deconfliction and non-repudiation.

• Assist in the management of the Red Team Attack Network and the implementation of new tools and techniques to improve the team’s tradecraft.
• Constantly research, test, and develop new tools, techniques, and procedures (TTPs).
• Translate Red Team campaign technical findings into reportable and actionable Red Team results.
• Ensure deliverables meet the quality and timeliness expected of a world-class Red Team.
• Stay abreast of the latest cyber security threats, trends, and attack techniques; continuously improve our testing methodologies and tools.
• Ensure adherence to the Rules of Engagement during every step of the Red Team engagements.

About the team
Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.

Enough about us, let’s talk about you.
You are someone with:

• 3+ years of experience in cybersecurity, with a focus on penetration testing, ethical hacking, or red team operations.
• Experience with conducting intelligence gathering against companies and their associated people, networks, and technologies.
• Experience conducting complex penetration tests and red team exercises against web applications, networks, and endpoint systems.
• Experience with Windows Active Directory and Azure EntraID.
• Experience maintaining and utilizing covert C2 infrastructure in various cloud platforms and environments. Automation experience is a plus!
• Hands on experience working with tools like Cobalt Strike, Nighthawk C2, Fortra OST, Bloodhound, Impacket, Mimikatz, Kekeo, Rubeus, socat and the Windows Sysinternals suite.
• Experience with modern payload obfuscation techniques.

Preferred:

• Relevant certifications such as OSCP, OSEP, OSED, OSEE, CRTP, CRTE, etc.
• Public examples of blogs, conference talks, and open-source tooling demonstrating your expertise.
• Experience operating against security products such as Microsoft Defender for Endpoint/Identity and CrowdStrike Falcon.
• Experience with Social Engineering (physical, phishing).
• Experience with Outflank OST.
• Experience automating infrastructure deployment with Ansible and Terraform.
• Experience with fully remote positions.

Why Deloitte? 

At Deloitte, we focus our energy on interesting and impactful work. We’re always learning, innovating and setting the standard; making a positive difference to our clients and our society. We put coaching at the heart of what we do, helping our people grow their careers in any direction – whether it be up, moving into something new, or even moving across the world.  

We embrace diversity, equity and inclusion. We have a diverse collection of people from different backgrounds, with different experiences, gender identities, abilities and thinking styles. What binds us together is a shared commitment to value everyone’s perspective and to cultivate inclusion; so that our work environment is a safe space we can all belong. 

 We prioritise flexibility and choice. At Deloitte, you get trust on Day 1. We know our people get their best work done when they’re in control of where and how they work, designing their work week around their client, team and personal commitments.

We help you live and work well. To support your personal and professional life, we offer a range of perks and benefits, including retail discounts, wellbeing leave, paid volunteering days, twelve flexible working options, market-leading parental leave and return to work support package.

Next Steps 
Sound like the sort of role for you? Apply now. 

By applying for this job, you’ll be assessed against the Deloitte Talent Standards. We’ve designed these standards so that you can grow in your career, and we can provide our clients with a consistent and exceptional Deloitte employee experience globally. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.