Deloitte Risk Advisory - Cyber - Lead Penetration Tester Jobs in Midrand South Africa

Deloitte Risk Advisory - Cyber - Lead Penetration Tester Jobs in Midrand South Africa

Company Description

Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax and related services.

Our global network of member firms and related entities in more than 150 countries and territories (collectively, the “Deloitte organisation”) serves four out of five Fortune Global 500® companies.

About the Division

The value that Deloitte Risk Advisory Africa creates for organisations is synonymous with operational excellence.

Our five business areas work in unison to provide integrated solutions unique to the organisational requirements of any business.

In a world that is constantly changing, organisations need to adapt quickly to respond to new risks and take advantage of new opportunities.

Deloitte's Risk Advisory practice advises organisations on how to effectively mitigate risk and make informed and intelligent risk decisions around business processes, technology and operations.

What Impact Will You Make?

Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration and high performance.

As the undisputed leader in professional services, Deloitte is where you’ll find unrivalled opportunities to succeed and realise your full potential.

Job Description

Responsible for leading attack and penetration testing engagements to identify security weaknesses within client's IT environments, reporting on issues and making recommendations for their remediation.

Responsibilities

When you join the Cyber team, you will be involved in penetration testing and vulnerability management engagements which include; network and host layer vulnerability assessments, firewall and networking device reviews, web application assessments, source code reviews and social engineering

The work you perform will include:

Supports service Support the Senior Manager on delivery of designated engagement / project, managing the implementation of the agreed deliverables

Guide teams through the design and implementation of Cyber Security Solutions that reduce vulnerability, strengthen threat controls and optimize operational efficiency

Leads complex technical assessments of client’s security infrastructures to identify / evaluate vulnerabilities, including considering the digital, physical, and social elements of the client, and reflecting relevant cyber threats to the client’s industry and profile and develop custom penetration testing tools

Conduct threat modeling and attack modeling on the clients’ designated targets of evaluation, plan pentest engagements and assess effort and stages according to internal Deloitte methodology;

Conduct hardware, mobile, and wireless security assessments and infrastructure and server, desktop and web-based application penetration tests

Write PoC exploit code for vulnerabilities the team has discovered and thoroughly document exploit chain/proof of concept scenarios for client consumption and internal knowledgebase;

Conduct social engineering assessments, document the findings according to internal Deloitte methodology and principles and analyze and summarize the findings in clear and actionable reports;

Conduct research in cyber security

Support

resource in planning of sales presentations and client negotiation teams for new and retained business

Develop market network in business and build
relationships that generate leads

Build relationships across Deloitt0065 service lines to understand broader offerings and seek opportunities for cross-selling

Generate innovative solutions on projects / engagements in collaboration with team members to enhance / renew service offerings to client

Qualifications

Minimum:

OSCP is essential

Advantageous qualification include:

University degree

Any of OSEP, OSWE, OSEE, GPEN, GXPN or
equivalent certification

CISSP

Experience

5+ years working in-depth working experience within a penetration tester with a strong understanding and familiarity with common penetration testing methods and standards and vulnerability and threat management experience

Must have experience of common network technologies, protocols and attacks

Experience with exploitation frameworks (e.g., MetaSploit, Core Impact)

Practical hands-on experience with one of Cobalt Strike / Empire / PowerSploit or similar

Experience with various security tools and
products (Burp Suite, Nessus, Kali)

Knowledge of operating systems (UNIX/Linux and Solaris, Windows) and of database management systems (Oracle, SQL Server, etc.) and web technologies (Java, PHP, ASP.NET, AJAX, etc.) and application security techniques and challenges

Knowledge of the OWASP and OSSTMM methodologies

Good understanding of the components of a secure DLC/SDLC

Vulnerability analysis and application reversing skills

Familiar with malware reverse engineering

Red team and cyber-attack simulation experience

Knowledge of Social Engineering tools and techniques

Good understanding of incident response and forensics services including forensics data collection and processing, malware and log analysis, containment approach definition, etc.

Additional Information

Technical & Behavioural Competencies:

Expert in field with sound industry and business knowledge

Demonstrated leadership skills

Proven ability to manage and execute projects

Experience in drafting and presenting client proposals

Excellent report writing skills

Sound business acumen

Ability to link technical issues to business risk

Ability to communicate business and technical risk to all levels of audience

Strong communication skills, both written and verbal

Effective interpersonal and relationship building skills

Good mentorship and coaching ability with desire to develop self and others

Strong client delivery focus

Adaptable, managing change and ambiguity with ease

How to Apply

For more information and job application details, see: Deloitte Risk Advisory - Cyber - Lead Penetration Tester Jobs in Midrand South Africa

Find daily jobs in South Africa. Jobs - South Africa jobs. Search our career portal & find the latest South African job positions, career opportunities & jobs in South Africa.

Jobs in South Africa - banking jobs, IT jobs, accounting jobs, NGO jobs, business administration, ICT, UN jobs, procurement jobs, education jobs, hospital jobs, human resources jobs, engineering, teaching jobs, and other careers in South Africa.

Find your dream job from 1000s of vacancies in South Africa posted and updated daily - click here!