Red Team Specialist
Deloitte
Other Engineering
Amsterdam, Netherlands
Posted 6+ months ago
Red Team Specialist
- Technology & Transformation
- Amsterdam The Edge
- Bachelor (HBO/WO)
Simulate real-world cyber threats, develop innovative tradecraft, and execute covert operations in complex IT environments. At Deloitte.
W h a t i m p a c t w i l l y o u m a k e ?
W
h
a
t
i
m
p
a
c
t
w
i
l
l
y
o
u
m
a
k
e
?
We take a proactive approach to strengthening
organisational resilience through ethical hacking. As a Red
Team specialist, you will work in a highly skilled team to
perform Red Team exercises for our international clients.
Using your offensive skills and experience, you will covertly
breach our clients’ networks and provide
recommendations to strengthen the client’s security
posture. To sharpen your skills, you will perform research
on the latest techniques and tools, join and share insights
at our Deloitte Global Red Team knowledge exchange
sessions.
H o w d o y o u d o t h i s ?
H
o
w
d
o
y
o
u
d
o
t
h
i
s
?
- Finding creative ways to obtain a foothold in a client's network.
- Applying an adversary mindset to simulate sophisticated actors and achieve project-specific objectives.
- Covertly traversing the network, avoiding detection.
- Performing research, developing your own tools, and sharpening your tradecraft.
- Sharing your research within the Deloitte Global Red Team community and with the broader security community, for example writing blogs, speaking at conferences, or publishing code.
- Turning security weaknesses into tailored and concrete recommendations which you will present to clients.
- Follow-up to Red Team exercises with Purple Team workshops to help our clients’ defensive teams to identify tactics, techniques, and procedures (TTPs) used by real-world adversaries.
W h a t ’ s i n i t f o r y o u ?
W
h
a
t
’
s
i
n
i
t
f
o
r
y
o
u
?
- You’llreceiveaprofit-sharingbonus.Ontopofyourfixedsalary.Continuousprofessionalgrowth.Joinourdevelopmentprogram.Awork-from-homeofficesetupallowancetomakesureyouhaveeverythingyouneedforanergonomicallydesignedworkstationandinternetallowance.Workpart-time(32hoursaweek)orfull-time(40-hoursaweek).
What’s in it for you?
- You’llreceiveaprofit-sharingbonus.Ontopofyourfixedsalary.
- Continuousprofessionalgrowth.Joinourdevelopmentprogram.
- Awork-from-homeofficesetupallowancetomakesureyouhaveeverythingyouneedforanergonomicallydesignedworkstationandinternetallowance.
- Workpart-time(32hoursaweek)orfull-time(40-hoursaweek).
- Flexibleworkinghours,youareinchargeofyourowncalendar.
- 26daysofpaidannualleave,andtheopportunitytopurchaseadditionalleave.
- Theoptiontoexchangethreenationalholidaysforthreenon-nationalholidays.
- Agoodmobilityscheme:thechoiceofvariousoptionssuchasaleasecar,travelbypublictransport,acashoptionoracombinationofthese.
- AlaptopandiPhone.TheiPhonecanbeforpersonaluse.
- Atimefortimearrangementthatcreatesflexibilityforpersonalmomentsthatmatter.
- Agoodpensionschemewithapersonalcontributionofonly2%.Foracomfortablefuture.
- Anopportunitytotakepartinourcollectivehealthinsurancescheme.
- Anopportunitytobenefitfromtax-efficientfacilitiessuchasfitness,abicycleschemeortheopportunitytoleaseabicycle.
- Theopportunitytouse55hoursofbabysittingservicepercalendaryear,ifyourchildis12yearsoldoryounger.
- Aflexiblebudget,whichyoucanusetomakechoicesinflexiblebenefits,forexample:purchasingextraleavedaysorfinancingabicycleplan.
- Sixweeksoffullypaidbirthleavefortraditionalhouseholdsandrainbowfamilies.
B e t h e t r u e y o u
B
e
t
h
e
t
r
u
e
y
o
u
You are an offensive security enthusiast, finding creative ways to break into highly secured
environments and laterally move to obtain access to the most critical assets. You do all this
staying under the radar of Blue Teams and sysadmins. You are keen on researching new
techniques and developing solutions to reach your goals. For the role of Red Team
specialist, you also have:
- Mastered C2 frameworks like Mythic, Cobalt Strike, Brute Ratel, Nighthawk.
- A track record of obtaining initial footholds in mature enterprise environments.
- Experience evading Endpoint Detection and Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, Elastic, SentinelOne, and Trellix.
- Advanced knowledge of common enterprise technologies such as Active Directory and Azure/Entra ID.
- Programming experience in languages such as C/C++, C#, PowerShell, Python and bash.
- A creative mindset to the entire cyber kill chain from obtaining initial access to achieving objectives that align with organization-specific business risks (not just “Domain Admin”!).
- Conducted Red Team operations in complex environments, e.g., TIBER-EU, ART, CBEST.
- A passion for R&D with experience crafting your own tools and a drive to stay up-to-date with attack techniques and vulnerabilities.
- Worked proficiently with offensive tooling like Impacket, Mimikatz, Kekeo, BloodHound, Rubeus, socat and Sysinternals suite.
- Good communication skills and fluency in English.
- While not mandatory, relevant certifications can be an advantage (e.g., OSEP, OSED, OSEE, CRTO, CRTL, CRTE, CCRTS/CCSAS).
- It’s a plus if you have presented at security conferences or written technical blogs and whitepapers.
C o n n e c t y o u r f u t u r e t o D e l o i t t e
C
o
n
n
e
c
t
y
o
u
r
f
u
t
u
r
e
t
o
D
e
l
o
i
t
t
e
We are curious to know more about you. To learn what makes you exceptional. Because at
Deloitte, we believe that our mutual differences add value to our client’s needs. Please
introduce yourself and apply for this great opportunity. We are pleased to offer you tips on
how to responsibily combine AI with your unique qualities, ensuring that 'your recruitment
process' truly represents you. Not sure if this vacancy is right for you? Please contact the
recruiter below.