Penetration Tester, Cyber Risk Services - Risk Advisory, Zurich (80-100%)


  • Canton of Zurich
  • Permanent
  • Full-time
  • 2 months ago
Job description

Position summary

About Deloitte

Deloitte is a leading global accounting and consulting company, with approximately 312'000 people in 150 countries and territories. In Switzerland, we provide industry-specific services in the areas of Audit & Assurance, Consulting, Financial Advisory, Risk Advisory and Tax & Legal. With more than 2,000 employees at six locations in Basel, Berne, Geneva, Lausanne, Lugano and Zurich, we serve companies and organisations of all legal forms and sizes in all industry sectors.

Cyber Risk Services at Deloitte

In a rapidly changing world where information is the new currency, the corresponding information security and privacy have become a board level challenge. Deloitte has the largest Cyber capability of the Big 4 in the European marketplace with over 600 Cyber Risk Specialists staffing thousands of client engagements. The team combines a wealth of deep industry knowledge and technical expertise.

Within the Cyber team, we provide our clients a full spectrum of security and privacy services, from strategy to large-scale transformation programmes, fixing security issues and delivering tangible benefits.

Leading security and privacy experts with the right level of intellectual curiosity drive our business. You will be continuously challenged, build leadership skills and long lasting relationships with a team that respects you and is fun to work with. In addition, you can drill deep and become a specialist within an industry sector or grow as a generalist.

The environment at Deloitte is made up of intellectually curious, smart people; including world class security and privacy experts. Your mix of work will help foster your leadership skills and you'll develop relationships with a team that you respect and have fun with. In addition, you will have the opportunity to identify areas of work which are of particular interest to you. You can drill deep and become an expert, grow as a generalist or develop a specialism within an industry sector.

What you'll do
  • Be the service lead of one or multiple application security managed services
  • Point of contact for our clients regarding all service management related aspects
  • Stakeholder management, including presentations to management and reporting
  • Perform quality reviews of penetration testing reports
  • Lead manual infrastructure, web & mobile application and IoT penetration test assignments
  • Support/lead vulnerability management programs to help clients with their Secure Software Development Lifecycle
  • Perform offensive and defensive security (Red and Blue teaming) assessments.
  • Be responsible for performing security configuration reviews
  • Conduct manual and automated security code reviews
  • Perform large security assessments such as Red Teaming
  • Train clients or colleagues in conducting penetration testing
  • Present assessment results to management and explain the steps required for remediation
What you need
  • Comprehensive experience in information security and aligned qualifications in security standards such as ISO 27001 or equivalent
  • Multi-year experience in leading penetration testing managed services
  • Experience in leading penetration testing teams and in training junior penetration testers
  • Experience in reviewing penetration test reports and quality assurance
  • Experienced with malware reverse engineering and code review
  • Exposure to a variety of industries, including but not limited to FSI and HCLS
  • Experience with Red teaming exercises. Experience in Blue/Purple teaming is advantageous
  • At least ten years of experience in penetration testing (including Web, Mobile and Thick client applications and infrastructure), reverse engineering or Red teaming
  • At least one certification such as OSCP, SANS GWAPT, SANS GPEN, SANS GMOB or SANS GXPN
  • Strong interpersonal skills as well as the proven ability to develop long-lasting relationships, influence stakeholders, and negotiate agreements are expected.
  • Proven ability to communicate with senior management
  • You will have strong analytical and problem solving skills and the ability to articulate complex concepts in a clear and concise manner.
  • Fluent English, both written and verbal, is mandatory; German or French skills are strongly desired. One of these three languages should be at native level.
Any questions? Get in touch.

We look forward to hearing from you! Please submit a complete application, including CV, cover letter, references and degree certificates, using our online career portal.

If you have any questions, please contact Irina Rusu at .

Deloitte AG and Deloitte Consulting AG are Swiss subsidiaries of Deloitte LLP, the DTTL member firm in the United Kingdom.

Requisition code: 177347

Salary and benefits

Salary: according to profile


