Manager - RED Team - SG

Are you ready to unleash your potential?

At Deloitte, our purpose is to make an impact that matters for our clients, our people, and the communities we serve.

We believe we have a responsibility to be a force for good, and WorldImpact is our portfolio of initiatives focused on making a tangible impact on society’s biggest challenges and creating a better future. We strive to advise clients on how to deliver purpose-led growth and embed more equitable, inclusive as well as sustainable business practices.

Hence, we seek talented individuals driven to excel and innovate, working together to achieve our shared goals.

We are committed to creating positive work experiences that foster a culture of respect and inclusion, where diverse perspectives are celebrated, and everyone is recognized for their contributions.

Ready to unleash your potential with us? Join the winning team now!

What you will do

As a RED Team Manager at Deloitte, you take on the exciting challenge of simulating real-world cyberattacks to put an organization's security to the test. You’re the mastermind behind creative, sophisticated attack scenarios that push defenses to their limits, revealing hidden vulnerabilities and weaknesses. Working closely with security teams, you help them sharpen their skills and strengthen their defenses, providing actionable insights along the way. You dive deep into the results, always staying one step ahead of emerging threats. On top of that, you guide and mentor your team, creating an environment where innovation thrives, and everyone contributes to protecting clients from evolving cyber threats.

You will

• Simulate real-world attacks using various tactics, techniques, and procedures.
• Conduct penetration testing, vulnerability assessments, and social engineering exercises.
• Identify and exploit vulnerabilities within the organization’s infrastructure.
• Perform threat modeling exercises to understand potential threats.
• Document findings and provide comprehensive reports with recommendations.
• Collaborate with security teams to improve incident response capabilities.
• Stay updated with the latest attack vectors and threat landscapes.

Your role as a leader

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves every day to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. Additionally, Manager across our Firm are expected to:

• Understand objectives for stakeholders, clients and Deloitte whilst aligning own performance to objectives and sets personal priorities.
• Develop themselves by actively seeking opportunities for growth, shares knowledge and experiences with others, and acts as a strong brand ambassador.
• Seek opportunities to challenge themselves, collaborate with others to deliver and takes accountability for results.
• Build relationships and communicates effectively in order to positively influence peers and stakeholders.
• Work effectively in diverse teams within a highly inclusive team culture where everyone is supported, respected and recognized for their contribution.

Enough about us, let's talk about you.

• Proven experience as a Red Team manager or similar role in cybersecurity.
• Deep understanding of attacker tactics, techniques, and procedures (TTPs).
• Ability to think like an adversary and uncover hidden vulnerabilities.
• Relevant certifications (e.g., OSCP, CRTO) are a plus.
• Excellent problem-solving and analytical skills.
• Experience with various public cloud components and architectures.
• Experience in evading security detection controls.
• A passion for offensive security, Red Teaming and a drive to stay up-to-date with current attack techniques and new vulnerabilities.
• Knowledge of security testing frameworks and standards such as OSSTMM, OWASP, NIST SP 800-115, Lockheed Martin’s Kill Chain, and MITRE ATT&CK.
• Experience with technologies like WMI, WinRM, (Azure) AD and ability to script/program using e.g. PowerShell, C#, C, Python, Go, Bash for offensive purposes.
• Experience setting up and using C2, working with tools like Cobalt Strike, Impacket, Mimikatz, Kekeo, Rubeus, socat and Sysinternals suite.

Due to volume of applications, we regret that only shortlisted candidates will be notified.

Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information. Kindly apply for roles that you are interested in via official Deloitte website.