Job Description: Responsibilities & Requirements
Deloitte is the largest private professional services network in the world. Every day, approximately 312,000 professionals in more than 150 countries demonstrate their commitment to a single vision: to be the standard of excellence, while working towards one purpose – to make an impact that matters.
Deloitte West Africa is a cluster of Deloitte offices that has joined together to provide seamless cross-border services to our clients in the region and to pass on the benefits of scale and access to resources that this organization can generate. Our West Africa practice serves multinationals, large national enterprises, small and medium-sized enterprises and the public sector across these regions: Nigeria and Ghana.
In Ghana, Deloitte is one of the leading professional services organisations, specialising in providing Audit, Tax & Regulatory, Business Process Solutions, Consulting, Risk Advisory and Financial Advisory services. We serve clients in a variety of industries from financial services, to consumer business and industrial products, telecommunications, energy and resources, manufacturing and the public sector.
Our professionals are unified by a collaborative culture that fosters integrity, outstanding value to markets and clients, commitment to each other, and strength from cultural diversity. They are dedicated to strengthening corporate responsibility, building public trust, and making a positive impact in their communities. We understand that our professionals hold interests outside of the work space and we aim to encourage work/life balance, supporting them in all aspects of their lives.
ADVERTISEMENT
CONTINUE READING BELOW
Our talented professionals and our clients understand the link between a strong learning and development programme and the ability for Deloitte to deliver on its promise of consistent, high-quality service delivery worldwide.
Whatever your age, gender or culture, take your career to the next level with the talents and capabilities you will develop at Deloitte.
Job Description
About the Role
We are seeking an elite Penetration Tester to join our elite security team. You will be a relentless hunter, identifying and exploiting critical vulnerabilities across our complex technological landscape. In this role, you’ll be responsible for securing clients web applications, APIs, networks, infrastructure, Active Directory, and cloud environments. You will be a trusted advisor, working collaboratively to remediate vulnerabilities and continuously improve various client’s security posture.
Qualifications
Responsibilities:
- Design, execute, and document comprehensive penetration testing engagements encompassing:
- Web applications: Leverage advanced techniques to uncover critical vulnerabilities (SQL injection, XSS, CSRF, RCE) and assess their exploitability.
- APIs: Utilize various tools and methodologies to identify security misconfigurations, broken authentication, and authorization flaws in APIs.
- Networks and Infrastructure: Conduct in-depth network assessments to discover weaknesses in network segmentation, firewalls, and network devices. Employ pivoting, escalation of privileges, and lateral movement techniques to compromise systems.
- Active Directory: Assess the security posture of Active Directory, focusing on misconfigurations, insecure password policies, and privileged account controls.
- Cloud Environments: Perform cloud security assessments on platforms like AWS, Azure, or GCP, identifying insecure configurations, storage vulnerabilities, and potential access control issues.
- Exploit discovered vulnerabilities using advanced tools and techniques to demonstrate real-world impact.
- Create detailed penetration testing reports that clearly document findings, risks, proof-of-concepts, and recommended remediation strategies.
- Proactively stay ahead of the evolving threat landscape by researching emerging vulnerabilities, exploits, and offensive security tools.
- Collaborate effectively with development, IT, and security teams to prioritize vulnerabilities, remediate issues, and enhance security controls.
- Maintain an unwavering commitment to ethical hacking principles and best practices.
ADVERTISEMENT
CONTINUE READING BELOW
Requirements:
- Minimum of 2+ years of experience in penetration testing or a related security field, with a proven track record of success in identifying and exploiting high-impact vulnerabilities.
- In-depth understanding of penetration testing methodologies (e.g., OWASP methodologies, PTES) and a vast toolkit of industry-standard penetration testing tools (Burp Suite, Metasploit, Nessus, etc.).
- Extensive experience in scripting languages (Python, Bash, PowerShell) for automating tasks and developing custom exploits.
- Solid understanding of cloud security concepts and experience in securing cloud environments (AWS, Azure, GCP).
- Expertise in Active Directory security, including identification and exploitation of misconfigurations and privilege escalation techniques.
- Experience in API security testing methodologies and tools.
- Exceptional written and verbal communication skills with the ability to clearly articulate complex technical findings to both technical and non-technical audiences.
A passion for security and a relentless drive to push the boundaries of offensive security
Preferred Qualifications:
- Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field.
- 2nd class Upper or better
- Proven experience in social engineering techniques.
- Certifications such as eJPT, CEH, CPENT, OSCP, OSCE, GCIH, GWAPT,CISSP and any cloud related certification.
- Experience in mobile application security testing.
- Experience in container security (Docker, Kubernetes).
Experience in building and utilizing custom security frameworks and tools
« Go back to the jobs list
RELATED JOBS >> CLICK A JOB BELOW TO VIEW & APPLY
Deloitte is the largest private professional services network in the world. Every day, approximately 312,000 professionals in more than 150 countries demonstrate their commitment to a single vision: to be the standard of excellence, while working towards one purpose – to make an impact that matters.
Deloitte West Africa is a cluster of Deloitte offices that has joined together to provide seamless cross-border services to our clients in the region and to pass on the benefits of scale and access to resources that this organization can generate. Our West Africa practice serves multinationals, large national enterprises, small and medium-sized enterprises and the public sector across these regions: Nigeria and Ghana.
In Ghana, Deloitte is one of the leading professional services organisations, specialising in providing Audit, Tax & Regulatory, Business Process Solutions, Consulting, Risk Advisory and Financial Advisory services. We serve clients in a variety of industries from financial services, to consumer business and industrial products, telecommunications, energy and resources, manufacturing and the public sector.
Our professionals are unified by a collaborative culture that fosters integrity, outstanding value to markets and clients, commitment to each other, and strength from cultural diversity. They are dedicated to strengthening corporate responsibility, building public trust, and making a positive impact in their communities. We understand that our professionals hold interests outside of the work space and we aim to encourage work/life balance, supporting them in all aspects of their lives.
ADVERTISEMENT
CONTINUE READING BELOW
Our talented professionals and our clients understand the link between a strong learning and development programme and the ability for Deloitte to deliver on its promise of consistent, high-quality service delivery worldwide.
Whatever your age, gender or culture, take your career to the next level with the talents and capabilities you will develop at Deloitte.
Job Description
About the Role
We are seeking an elite Penetration Tester to join our elite security team. You will be a relentless hunter, identifying and exploiting critical vulnerabilities across our complex technological landscape. In this role, you’ll be responsible for securing clients web applications, APIs, networks, infrastructure, Active Directory, and cloud environments. You will be a trusted advisor, working collaboratively to remediate vulnerabilities and continuously improve various client’s security posture.
Qualifications
Responsibilities:
- Design, execute, and document comprehensive penetration testing engagements encompassing:
- Web applications: Leverage advanced techniques to uncover critical vulnerabilities (SQL injection, XSS, CSRF, RCE) and assess their exploitability.
- APIs: Utilize various tools and methodologies to identify security misconfigurations, broken authentication, and authorization flaws in APIs.
- Networks and Infrastructure: Conduct in-depth network assessments to discover weaknesses in network segmentation, firewalls, and network devices. Employ pivoting, escalation of privileges, and lateral movement techniques to compromise systems.
- Active Directory: Assess the security posture of Active Directory, focusing on misconfigurations, insecure password policies, and privileged account controls.
- Cloud Environments: Perform cloud security assessments on platforms like AWS, Azure, or GCP, identifying insecure configurations, storage vulnerabilities, and potential access control issues.
- Exploit discovered vulnerabilities using advanced tools and techniques to demonstrate real-world impact.
- Create detailed penetration testing reports that clearly document findings, risks, proof-of-concepts, and recommended remediation strategies.
- Proactively stay ahead of the evolving threat landscape by researching emerging vulnerabilities, exploits, and offensive security tools.
- Collaborate effectively with development, IT, and security teams to prioritize vulnerabilities, remediate issues, and enhance security controls.
- Maintain an unwavering commitment to ethical hacking principles and best practices.
ADVERTISEMENT
CONTINUE READING BELOW
Requirements:
- Minimum of 2+ years of experience in penetration testing or a related security field, with a proven track record of success in identifying and exploiting high-impact vulnerabilities.
- In-depth understanding of penetration testing methodologies (e.g., OWASP methodologies, PTES) and a vast toolkit of industry-standard penetration testing tools (Burp Suite, Metasploit, Nessus, etc.).
- Extensive experience in scripting languages (Python, Bash, PowerShell) for automating tasks and developing custom exploits.
- Solid understanding of cloud security concepts and experience in securing cloud environments (AWS, Azure, GCP).
- Expertise in Active Directory security, including identification and exploitation of misconfigurations and privilege escalation techniques.
- Experience in API security testing methodologies and tools.
- Exceptional written and verbal communication skills with the ability to clearly articulate complex technical findings to both technical and non-technical audiences.
A passion for security and a relentless drive to push the boundaries of offensive security
Preferred Qualifications:
- Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field.
- 2nd class Upper or better
- Proven experience in social engineering techniques.
- Certifications such as eJPT, CEH, CPENT, OSCP, OSCE, GCIH, GWAPT,CISSP and any cloud related certification.
- Experience in mobile application security testing.
- Experience in container security (Docker, Kubernetes).
Experience in building and utilizing custom security frameworks and tools