DRSC Global Technology, Assistant Manager - Penetration Testing

Are you ready to unleash your potential?

At Deloitte, our purpose is to make an impact that matters for our clients, our people, and the communities we serve.

We believe we have a responsibility to be a force for good, and WorldImpact is our portfolio of initiatives focused on making a tangible impact on society’s biggest challenges and creating a better future. We strive to advise clients on how to deliver purpose-led growth and embed more equitable, inclusive as well as sustainable business practices.

Hence, we seek talented individuals driven to excel and innovate, working together to achieve our shared goals.

We are committed to creating positive work experiences that foster a culture of respect and inclusion, where diverse perspectives are celebrated, and everyone is recognised for their contributions.

Ready to unleash your potential with us? Join the winning team now!

Work you’ll do

As Assistant Manager, Penetration Tesing, you will be responsible for providing penetration testing services through a combination of technology and manual ingenuity as part of the Global cyber services organization for member firms.

Responsibilities of this role include:

• Assisting in technical scoping of security testing activities.
• Support team QA review processes. 
• Executing security testing
• Web Application Penetration Testing
• Web Services / Application Programming Interface (API) Penetration Testing
• Network Penetration Testing
• Mobile Application Penetration Testing
• Thick Client Penetration Testing
• AI Security Testing
• Conducting focused research when not deployed on an active project
• Provide consultative guidance to customers on findings identified in a clear and actionable fashion both in writing and verbally.
• Enhancing and updating testing methodologies, processes and standards documentation
• Maintaining proficiency of knowledge through ongoing training paths
• Proficient at analyzing and understanding complex architecture designs.
• Ability to effectively communicate what services and capabilities our group can facilitate to our clients and responsibilities here. 

Your role as a leader

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally,  Assistant Managers across our Firm are expected to:

• Actively seek out developmental opportunities for growth, act as strong brand ambassadors for the firm as well as share their knowledge and experience with others.
• Respect the needs of their colleagues and build up cooperative relationships.
• Understand the goals of our internal and external stakeholder to set personal priorities as well as align their teams’ work to achieve the objectives.
• Constantly challenge themselves, collaborate with others to deliver on tasks and take accountability for the results.
• Build productive relationships and communicate effectively in order to positively influence teams and other stakeholders.
• Offer insights based on a solid understanding of what makes Deloitte successful.
• Project integrity and confidence while motivating others through team collaboration as well as recognising individual strengths, differences, and contributions.
• Understand disruptive trends and promote potential opportunities for improvement.

Requirements

• Demonstated experiance of operating in a penetration testing role.
• Experience using common testing tools like Burp, OWASP ZAP, Metasploit, Postman, Swagger, NMAP, Qualys, SQLMap, others.
• Experienced with Kali Linux or other dedicated Penetration Testing OS Platform
• Advance mobile penetration testing, Application Penetration Testing and architectural security principles
• Familiarity with software security weakness and vulnerabilities
• Working knowledge of one scripting language and familiarity with at least one software programming language and framework
• Demonstrated experience working with diverse stakeholders, preferably on a global multi-national basis
• Ability to manage concurrent initiatives and use effective judgment in prioritization and time management
• Strong written and verbal communication skills

Preferred:

• Certified Ethical Hacker (CEH) Certification
• Offensive Certified Security Professional (OSCP) Certification
• Any GIAC Certification (GSEC, GWAB, GPEN, GMOB, GCPN)
• OWASP Application Security Top 10
• OWASP API Security Top 10
• OWASP Thick Client Top 10
• OWASP LLM Top 10
• MITRE ATT&CK Framework
• Cloud Service testing
• Reverse Engineering
• Static Application Software Testing (SAST)
• Dynamic Application Testing (DAST)
• Experience of Agentic development and its application to support penetration testing

Due to volume of applications, we regret only shortlisted candidates will be notified. Candidates will only be contacted by authorised Deloitte Recruiters via firm’s business contact number or business email address.