Senior Offensive Security Specialist

Amsterdam
Bachelor (HBO/WO)
Technology & Transformation

Senior Offensive Security Specialist

Amsterdam
Bachelor (HBO/WO)
Technology & Transformation

This job in a nutshell

Help improving cyber resilience of our clients by engineering, hacking and emulating real-world threats against challenging IT environments. At Deloitte.

Benefits

  • You’ll receive a profit-sharing bonus. On top of your fixed salary.
  • Continuous professional growth. Join our development program.
  • A work-from-home office setup allowance to make sure you have everything you need for an ergonomically designed workstation and internet allowance.
  • Work part-time (32 hours a week) or full-time (40 hours a week).
  • Flexible working hours, you are in charge of your own calendar.
  • 26 days of paid annual leave, and the opportunity to purchase additional leave.
  • The option to exchange three national holidays for three non-national holidays.
  • A good mobility scheme: the choice of various options such as a lease car, travel by public transport, a cash option or a combination of these.
  • A laptop and iPhone. The iPhone can be for personal use.
  • A time for time arrangement that creates flexibility for personal moments that matter.
  • A good pension scheme with a personal contribution of only 2%. For a comfortable future.
  • An opportunity to take part in our collective health insurance scheme.
  • An opportunity to benefit from tax-efficient facilities such as fitness, a bicycle scheme or the opportunity to lease a bicycle.
  • The opportunity to use 55 hours of babysitting service per calendar year, if your child is 12 years old or younger.
  • A flexible budget, which you can use to make choices in flexible benefits, for example: purchasing extra leave days or financing a bicycle plan.
  • Six weeks of fully paid birth leave for traditional households and rainbow families.

What's in it for you?

  • You’ll receive a profit-sharing bonus. On top of your fixed salary.
  • Continuous professional growth. Join our development program.
  • A work-from-home office setup allowance to make sure you have everything you need for an ergonomically designed workstation and internet allowance.
  • Work part-time (32 hours a week) or full-time (40 hours a week).
  • Flexible working hours, you are in charge of your own calendar.
  • 26 days of paid annual leave, and the opportunity to purchase additional leave.
  • The option to exchange three national holidays for three non-national holidays.
  • A good mobility scheme: the choice of various options such as a lease car, travel by public transport, a cash option or a combination of these.
  • A laptop and iPhone. The iPhone can be for personal use.
  • A time for time arrangement that creates flexibility for personal moments that matter.
  • A good pension scheme with a personal contribution of only 2%. For a comfortable future.
  • An opportunity to take part in our collective health insurance scheme.
  • An opportunity to benefit from tax-efficient facilities such as fitness, a bicycle scheme or the opportunity to lease a bicycle.
  • The opportunity to use 55 hours of babysitting service per calendar year, if your child is 12 years old or younger.
  • A flexible budget, which you can use to make choices in flexible benefits, for example: purchasing extra leave days or financing a bicycle plan.
  • Six weeks of fully paid birth leave for traditional households and rainbow families.

Be the true you

You have a passion for offensive security, finding creative ways to break into highly secured environments identifying ways around defenses. Moreover, in case you run into new types of environments or technologies you are able to develop new tools and techniques to reach your objective. For the role of Senior Offensive Security specialist, you also have:

  • a Computer Science degree or similar;
  • a passion for offensive security and a drive to stay up-to-date with current exploits, attack techniques and new vulnerabilities;
  • experience with the protocols at the various layers of the OSI model, think of: ARP, PPP, IPsec, IP, TCP, UDP, ICMP, TLS, SOCKS, ASCII, UTF-8, Base64, CRC, HTTP, QUIC, SMB, etc.;
  • experience with web application security testing, using Burp exploiting SQL injection, file inclusion and HTTP request smuggling vulnerabilities, including experience with scripting to automate repetitive tasks;
  • experience with complex infrastructures, both from an engineering and offensive perspective, evaluating possible entry points at the different layers of the protocol stack and exploiting those to get a foothold in the client's network and laterally move;
  • experience evaluating the security of Windows and Linux operating systems and [Azure] Active Directory environments identifying possible escalation paths and security misconfigurations;
  • relevant security certifications are preferred, some examples: OSCP, OSEP, OSWE, eCPTX, eWPTX, GXPN, etc.;
  • excellent communication skills and fluency in written and spoken English.

What impact will you make?

As a Senior Offensive Security Specialist, you will work in a highly skilled team to perform challenging security tests for our international clients. Using your offensive and engineering skills you will exploit our clients’ networks, perform tactical network exploitation (TNE) and provide hands-on support to strengthen the client’s security posture. To sharpen your skills, you will join the periodic Deloitte Global Offensive Security community knowledge exchange sessions, follow trainings and perform research on the latest techniques and tools.

Together makes progress

Connect your future to Deloitte

How do you do this?

  • finding creative ways to exploit the client's applications and infrastructure;
  • applying hacker's mindset to bypass protections and identify cracks within target systems;
  • providing clients with technical recommendations that match their situation and environment;
  • turning security weaknesses into tailored and concrete recommendations which you will present to clients and provide hands-on support to help clients with improving their security posture
  • performing offensive research on new technologies and developing methodologies to evaluate the security of the setup and configuration;
  • sharing your research within the Deloitte Global Offensive Security community and with the broader security community, for example writing blogs, speaking at conferences, or publishing code.
  • Taede Rakhorst | Partner Cyber Emerging Technologies

    'Our team helps our clients protect where Digital meets their Physical world, reducing their risk to an acceptable level. It allows them to increase automation with confidence and ...
  • Katinka Kruseman Aretz | Manager Cyber Secure Emerging Technologies

    ‘As part of our diverse and international team, you'll contribute to making a positive impact on society securing the operations of industry leaders. Our team thrives on collaborat...
  • Floris Delmee | Senior Manager Cloud Risk

    'As part of the Responsible Cloud team, we help clients bridge the gap between Risk Management, the CISO, Internal / External Audit, and their actual cloud configurations to ensure...
  • Nathalie Steenvoorden | Senior Manager Risk Advisory

    'As our team has many projects in different sectors, it is possible to see different customers in a short time.'

    We would like to meet you!

    We are curious to know more about you. To learn what makes you exceptional. Because at Deloitte, we believe that our mutual differences add value to our client's needs. Please introduce yourself and apply for this great opportunity.

    Our application process

    Select one of the steps for more information

    Step 1: Preparation
    Video thumbnail
    You can apply for our vacancies online or send us an open application. We will ask you to tell us a bit more about yourself, such as your name and address, for example, and information about your educational background. You can upload your CV and a motivation letter. We will send you confirmation when we have received all your details.
    Step 2: CV and motivation
    Video thumbnail
    You can upload your CV and a motivation letter. We will send you a confirmation when we have received all your details.
    Step 3: The assessment
    Video thumbnail
    When a recruiter sees enough of a match with your profile, we will ask you to complete an online assessment. By playing four online games, we can see which qualities and talents you possess and whether they align with the position you've applied for.
    Step 4: The interview
    Video thumbnail
    Depending on the scores of the career scan, you will be invited for a first interview with the recruiter. The first interview is held with a recruiter and someone from the team. We are curious about who you are, what you have done and what you expect from a new job. We also give you more insight into what we are looking for and what the tasks are that belong to the position. If both parties would like to discuss it further, you will be invited for a next interview. In these conversations, we go deeper into the content. What is your talent and what skills do you manage? You can during one of the next interviews get a case study.
    Step 5: The offer
    When all conversations have been satisfactorily completed (for both parties), an offer will follow. The recruiter will draw up the contract for you which you will receive digitally.

    Questions or doubts? Get in touch.

    We are pleased to offer you tips on how to responsibly combine AI with your unique qualities, ensuring that 'your recruitment process' truly represents you. Not sure if this vacancy is right for you? Please contact me.

    Together makes progress

    * You can always request for your personal information to be deleted; read the privacy-statement for more information.

    Not found what you were looking for?