Red Team Specialist

Company Description

Simulate real-world cyber threats, develop innovative tradecraft, and execute covert operations in complex IT environments. At Deloitte.

Job Description

• Finding creative ways to obtain a foothold in a client's network.
• Applying an adversary mindset to simulate sophisticated actors and achieve project-specific objectives.
• Covertly traversing the network, avoiding detection.
• Performing research, developing your own tools, and sharpening your tradecraft.
• Sharing your research within the Deloitte Global Red Team community and with the broader security community, for example writing blogs, speaking at conferences, or publishing code.
• Turning security weaknesses into tailored and concrete recommendations which you will present to clients.
• Follow-up to Red Team exercises with Purple Team workshops to help our clients’ defensive teams to identify tactics, techniques, and procedures (TTPs) used by real-world adversaries.

Qualifications

You are an offensive security enthusiast, finding creative ways to break into highly secured environments and laterally move to obtain access to the most critical assets. You do all this staying under the radar of Blue Teams and sysadmins. You are keen on researching new techniques and developing solutions to reach your goals. For the role of Red Team specialist, you also have:

• Mastered C2 frameworks like Mythic, Cobalt Strike, Brute Ratel, Nighthawk.
• A track record of obtaining initial footholds in mature enterprise environments.
• Experience evading Endpoint Detection and Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, Elastic, SentinelOne, and Trellix.
• Advanced knowledge of common enterprise technologies such as Active Directory and Azure/Entra ID.
• Programming experience in languages such as C/C++, C#, PowerShell, Python and bash.
• A creative mindset to the entire cyber kill chain from obtaining initial access to achieving objectives that align with organization-specific business risks (not just “Domain Admin”!).
• Conducted Red Team operations in complex environments, e.g., TIBER-EU, ART, CBEST.
• A passion for R&D with experience crafting your own tools and a drive to stay up-to-date with attack techniques and vulnerabilities.
• Worked proficiently with offensive tooling like Impacket, Mimikatz, Kekeo, BloodHound, Rubeus, socat and Sysinternals suite.
• Good communication skills and fluency in English.
• While not mandatory, relevant certifications can be an advantage (e.g., OSEP, OSED, OSEE, CRTO, CRTL, CRTE, CCRTS/CCSAS).
• It’s a plus if you have presented at security conferences or written technical blogs and whitepapers.

Additional Information

We take a proactive approach to strengthening organisational resilience through ethical hacking. As a Red Team specialist, you will work in a highly skilled team to perform Red Team exercises for our international clients. Using your offensive skills and experience, you will covertly breach our clients’ networks and provide recommendations to strengthen the client’s security posture. To sharpen your skills, you will perform research on the latest techniques and tools, join and share insights at our Deloitte Global Red Team knowledge exchange sessions.