Your function as RTO Specialist
As an RTO Specialist, you will work together with a highly skilled and trained team in Red Teaming engagements for our (international) clients. In these engagements, you will covertly breach the client’s network and attempt to work your way as quietly as possible through the network towards specific, agreed upon objectives. As no environment is the same and we will almost exclusively operate in production environments, we expect our RTO Specialists to be up-to-date with knowledge about potential attacks and new exploits and be able to anticipate the results of running specific actions (commands, exploits etc.) on the stability and availability of an environment as well as the risk of being detected by Blue Teams. Furthermore we expect you to be able to turn observations and weaknesses into specific, concrete improvement points. Periodically, you can also be asked to support our Threat Intelligence team and perform online or physical intelligence gathering for our Social Engineering team in engagements.
In order to perform Red Teaming engagements, we expect candidates to have a solid background in networking, network protocols, programming, penetration testing and manual hacking techniques. Having technical certifications such as OSCP, OSCE, CCNA, etc. is an advantage.
Upon joining, you will be given the opportunity to join the Deloitte Red Teaming Operations Hacklab in which you will learn OSINT, Social Engineering, Physical Security and Network Exploitation techniques.
Candidates should have at least a Computer Science (Bachelors) degree or similar and a drive to keep developing themselves. Education as an RTO Specialist will never stop and we expect our professionals to keep developing themselves and keep up-to-date with current techniques and new vulnerabilities. As the majority of the work will be performed on-site for an international client base, we expect strong communication skills, professional proficiency of the English language and an urge to see the world.
From the RTO Specialist position, you can grow into leading Red Teaming engagements on-site as a technical leader or progress into the RTO Manager position, depending on your preferences and skills.
If you have the drive to be up-to-date with the latest vulnerabilities and exploits, want to work in challenging environments where every engagement is different and are not afraid to directly interface with clients every now and then, this may be the job for you.
We welcome candidates with skills in 0-day research and malware development.
The Red Team within Deloitte consists of almost twenty highly skilled professionals in the Netherlands working closely together with the Deloitte Global Red Team. We deliver Red Teaming engagements both within the Benelux and around the world. With OSINT, Social Engineering, Phishing and Network Exploitation specialists, we perform in-depth Red Teaming engagements to simulate an adversary and show both how vulnerable the client is as well as train their Blue team.
Every year, we have an integrated training (CTF-based) with our Hacking and Monitoring team, as well as a meeting with the Global Red Teams in rotating locations around the world. Furthermore, we organize monthly technical evenings to come together and learn from each other.
Your career path at Deloitte
With offices throughout the Netherlands and well over 5500 employees, Deloitte is a leading firm in Audit, Tax, Consulting, Risk Advisory and Financial Advisory. Our auditors are market leaders in several market segments. It means you will be working with ambitious, highly educated colleagues, often in multidisciplinary and international teams. Our business culture is pleasant, open and leaves much room for innovation and starting your own initiatives. Our employment benefits suit your ambition and needs and include an excellent leased car scheme, a laptop, an Iphone, and an excellent pension scheme. Top talent rises fast in our organization. Of course we will help you where we can, with a balanced training program, a customized competence model and continuous feedback.