Red Team Senior Operator

Job Requisition ID: 35801 

• Work in a highly innovative and transformative business
• Mentoring, growth and training – receive support and coaching to progress your career
• Preventive and supportive mental health initiatives

What will your typical day look like?  

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

Key Role Responsibilities:

• You will be leading a small team of Red Team Operators in the planning, execution, and reporting of Red Team engagements around the globe. This includes, but is not limited to:
  • Performing intelligence gathering against target networks, people, processes, and technologies.
  • Finding creative ways to obtain a foothold in a target network.
  • Delivering malware and establishing command and control (C2).
  • Moving stealthily within target networks, satisfying the campaign objectives, while staying undetected by the blue teams.
  • Establishing persistence and strategically tuning long-haul beacons to maintain long-term footholds where necessary.
  • Ensuring adherence to the Rules of Engagement during every step of the Red Team engagements.
  • Maintaining operational oversite of all actions conducted during Red Team engagements. Ensuring that every action is planned, executed, and logged properly at all times by every operator.
  • Maintaining in-depth documentation and auditing of actions taken during Red Team operations, at all times, for the purposes of deconfliction and non-repudiation.
• Identifying and acting on opportunities to train and mentor other members of the Red Team.
• Assisting in the management of the Red Team Attack Network and the implementation of new tools and techniques to improve the team’s tradecraft.
• Sharing your research within the Deloitte Global Red Team community, and with the broader security organization, by writing blogs, speaking at conferences, or publishing code.
• Developing operational processes, field manuals, and attack methodologies to continuously improve the quality of engagements and knowledge sharing amongst the team.
• Ensure deliverables meet the quality and timeliness expected of a world-class Red Team.
• Working closely with a wide variety of Deloitte’s industry leading information security teams to identify and reduce risk around the globe.

About the team
Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.

Enough about us, let’s talk about you.
You are someone with:

Required:

• 3+ years of Red Team experience.
• A passion for offensive security and Red Team operations, and a drive to stay up to date with modern attack techniques, public breaches, and new vulnerabilities.
• A deep understanding of threat actor tactics, techniques, and procedures (TTPs).
• Experience with, and a deep understanding of, digital forensics and incident response capabilities and procedures.
• Experience with leading Red Team Operations against companies and their associated people, processes, and technologies.
• The ability to create, update, and maintain documentation ranging from Red Team TTPs to governing documentation as needed.
• Experience with enumerating and attacking Windows Active Directory and Azure EntraID environments.
• Experience leading the designing, building, maintaining, and utilization of covert C2 infrastructure in various cloud platforms and environments. Automation experience is a plus!
• Experience with modern malware development and obfuscation techniques.
• A deep understanding of enterprise security architecture and the associated security controls.
• A deep understanding of monitoring, detections, and indicators of compromise/attack, and the implications they have on covert Red Team Operations.
• Hands on experience working with industry leading Red Team tools like Cobalt Strike, Nighthawk C2, Bloodhound, Evilginx2, etc...

Preferred:

• Relevant certifications such as OSCP, OSCE, OSEP, OSED, OSEE, CRTP, CRTE, etc.
• Public examples of blogs, conference talks, and open-source tooling demonstrating your expertise.
• Experience operating against security products such as Microsoft Defender for Endpoint/Identity and CrowdStrike Falcon.
• Experience with Social Engineering (physical, phishing).
• Experience with Outflank OST.
• Experience automating infrastructure deployment with Ansible and Terraform.
• Experience leading red teaming efforts.

Why Deloitte? 

At Deloitte, we focus our energy on interesting and impactful work. We’re always learning, innovating and setting the standard; making a positive difference to our clients and our society. We put coaching at the heart of what we do, helping our people grow their careers in any direction – whether it be up, moving into something new, or even moving across the world.  

We embrace diversity, equity and inclusion. We have a diverse collection of people from different backgrounds, with different experiences, gender identities, abilities and thinking styles. What binds us together is a shared commitment to value everyone’s perspective and to cultivate inclusion; so that our work environment is a safe space we can all belong. 

 We prioritise flexibility and choice. At Deloitte, you get trust on Day 1. We know our people get their best work done when they’re in control of where and how they work, designing their work week around their client, team and personal commitments.

We help you live and work well. To support your personal and professional life, we offer a range of perks and benefits, including retail discounts, wellbeing leave, paid volunteering days, twelve flexible working options, market-leading parental leave and return to work support package.

 Next Steps 
Sound like the sort of role for you? Apply now. 

By applying for this job, you’ll be assessed against the Deloitte Talent Standards. We’ve designed these standards so that you can grow in your career, and we can provide our clients with a consistent and exceptional Deloitte employee experience globally. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.