Position Summary Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.

Work You’ll Do

Help lead and executed advanced red team assessments simulating adversarial threat actor behaviors to evaluate organizational security posture and incident response capabilities.Develop and carry out sophisticated social engineering campaigns—including phishing, pretexting, and physical intrusion attempts—to identify gaps in security awareness and operational protocols.Conduct comprehensive vulnerability assessments, actively exploiting identified weaknesses to demonstrate real-world risks to critical assets and business operations.Emulate advanced persistent threat (APT) actor tactics, techniques, and procedures (TTPs) using custom and commercial red team toolsets to assess detection and response mechanisms.Collaborate with blue teams during purple team exercises to improve threat detection, response, and containment strategies and foster cross-team knowledge sharing.Author detailed technical reports and executive summaries outlining vulnerabilities, attack paths, and recommendations for remediation tailored to different stakeholder audiences.Develop custom scripts and tools to automate attack processes, enhance assessment efficiency, and simulate emerging threats.Maintain up-to-date knowledge of the latest attacker methodologies, vulnerabilities, and security technologies through ongoing research and continuous professional development.

The Team

Deloitte’s Government and Public Services (GPS) practice – our people, ideas, technology, and outcomes—are designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.

Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. Helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions.

Qualifications 

Required: 

Bachelor’s degree required.Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.Must be able to obtain and maintain the required clearance for this role.3+ years of hands-on experience within the following:Penetration testing, red team, or offensive security operations, with a focus on web applications and APIs.Strong working knowledge of enterprise networks, Windows and Linux systems, cloud infrastructure, and security architecture.Experience leveraging offensive security tools (e.g., Cobalt Strike, Metasploit, Empire, BloodHound, custom scripts) and manual exploitation techniques.Familiarity with MITRE ATT&CK or similar frameworks for threat emulation.Offensive Security Certified Professional (OSCP) Certification or ability to obtain within one year of hire.

Preferred:

Certifications such as OSWEP, CRTO, or eJPT (eLearnSecurity Junior Penetration Tester) are highly desirable. Experience with cloud-based application testing, mobile application security, or social engineering. Scripting or programming experience (Python, PowerShell, Bash, etc.).1+ years understanding/ experience within defensive security concepts, blue team operations, and purple teaming practices.

Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.  Our purpose
Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities.  Learn more. Professional development

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. As used in this posting, "Deloitte" means Deloitte Transactions and Business Analytics LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. Requisition code: 319742 Job ID 319742