Job Title:  RA-CSR-D&R-Attack Surface Management

Job requisition ID ::  62597
Date:  Apr 3, 2024
Location:  Bengaluru
Designation:  Manager

What impact will you make?

Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration and high performance. As the undisputed leader in professional services, Deloitte is where you’ll find unrivaled opportunities to succeed and realize your full potential
Deloitte is where you’ll find unrivaled opportunities to succeed and realize your full potential.


The Team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.
Learn more about our Cyber Risk Practice.

Work you’ll do
As a part of our Risk Advisory team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.



  • Good understanding of penetration testing process and methodologies
  • Knowledge of OWASP, emerging threat patterns, and compliance standards
  • Understanding of OWASP top ten vulnerabilities
  • Experience in Black box, grey box Web application penetration testing
  • Experience in Mobile application penetration testing
  • Experience in API penetration testing
  • Experience in Infrastructure Penetration Testing
  • Experience in Secure Code Review (Code Security Review)
  • Experience in conducting configuration reviews of Windows, Linux, UNIX, Solaris, Databases, etc.
  • Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture
  • Experience to assess and evaluate new applications and software, develop and executing test security cases, understanding of emerging threat landscape, ability to locate threats/vulnerabilities, pentest tools, and software frameworks
  • Effective Vulnerability reporting skills
  • Experience with Application Security and Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc.
  • Experience in basic scripting such as Shell, Python, PERL, etc.
  • Good to have certifications – OSCP, CEH, GWAPT
  • Excellent communication skills, experience in report walkthrough discussions & presentations, and remediation support
  • Active participation in the security community with either technical sessions, or bug bounty programs is a plus


Additional Skills

• Strong analytical and communication skills (written, verbal, and presentation)
• Open to learning new tools and technologies as per the project requirement
• Interactive with team members and confident during client meetings, under the guidance of senior members of the project
• Initiative & drive
• Be deadline-oriented and quality-focused
• Familiarity with industry standards and frameworks such as OWASP, CIS, NIST ISO/IEC 17799, etc.
• Demonstrates basic knowledge of security and privacy controls and risk management processes
• Demonstrates basic knowledge in one or more Cyber Threat Management domains such as: Threat Management, Cyber Operations/Fusion Managed Services, Malware Analysis, Collective Threat Intelligence and Cyber Risk Sciences, Incident Management and Forensics, Data Protection solutions.


Your role as a leader

At Deloitte India, we believe in the importance of leadership at all levels. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters.

In addition to living our purpose, across our organization:

• Builds own understanding of our purpose and values; explores opportunities for impact
• Demonstrates strong commitment to personal learning and development; acts as a brand ambassador to help attract top talent
• Understands expectations and demonstrates personal accountability for keeping performance on track
• Actively focuses on developing effective communication and relationship-building skills
• Understands how their daily work contributes to the priorities of the team and the business.


How you’ll grow


At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help build world-class skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career.