Penetration Tester

Deloitte provides industry-leading Audit & Assurance, Tax & Legal, Strategy, Risk & Transactions, and Technology & Transformation services to nearly 90% of the Fortune Global 500® and thousands of private companies.

With more than 470,000 professionals worldwide, we work together every day to make an impact that matters — delivering measurable and lasting results that help reinforce public trust in capital markets, enable our clients to transform and thrive, and lead the way toward a stronger economy, a more equitable society, and a more sustainable world.

Building on its more than 180 years of history, Deloitte spans more than 150 countries and territories. Our organization has grown significantly in both scale and capabilities; however, our shared culture and mission — to make an impact that matters — remains unchanged. This commitment is evident not only in our work for clients, but also in our WorldClass ambition, our WorldClimate initiative, and our ALL IN diversity and inclusion strategy.

Here’s your chance to gain hands-on business experience among top-talent professionals in their fields and to build a strong network of colleagues and friends. Get ready to meet people who will challenge your perspective, broaden your horizons, and help you learn about business from a truly global point of view.

We are seeking high-potential candidates to join our Penetration Testers team.

Be part of work that delivers meaningful impact — for businesses, people and the world. Join us.

What will your typical day look like?

As part of the team, you'll be responsible for shaping, executing penetration testing engagements to identify security weaknesses within client's IT environments, reporting on vulnerabilities and making recommendations for their remediation.

In this role you will be involved in penetration testing engagements:

• Web/mobile application penetration testing
• Network and host layer penetration testing
• API penetration testing
• Load testing
• Cyber resilience
• DDoS testing
• Social engineering testing
• Source code analysis
• Blockchain security
• Vulnerability management

QUALIFICATION:

• A Bachelor or master’s degree in Management Information Systems, Computer Science, Engineering or related field,
• 1-5 years of experience,
• Hold a current OSCP (Offensive Security Certified Professional) in either Infrastructure or Web Applications or similar certification or be in a position and level to pass the exam for the certification,
• The ability to develop scripts or code to automate testing and develop bespoke attacks
• Experience of working with applications that perform a wide range of business functions - ideally across multiple industries,
• Ability to understand and assess applications from both a technical and business function perspective,
• Innovative and analytical in your approach to performing penetration testing, particularly of novel devices and environments,
• Capable of working to strict deadlines and prioritising work appropriately,
• Good communication skills with an ability to explain complex technical issues to non-technical business clients,
• Excellent written skills with demonstrated ability to write reports. Including the ability to discuss findings in a risk perspective with clear remediation advice specific to the client’s environment,
• Solicits feedback to build understanding of own strengths and areas for development
• Understands objectives and desired outcomes for assigned areas of responsibility and sets personal goals accordingly,
• Recognizes and explores opportunities for personal impact on clients and for colleagues and communities,
• Experience of Web Applications, API’s and Microservices, Application vulnerability assessment, Mobile platforms (iOS/Android/Windows/etc), Infrastructure & Network.

Familiarity with Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP) and National Institute of Standards and Technology (NIST) Special Publications. Familiarity with penetration testing and vulnerability tools.

#deloitte #deloitteturkey