General Information

Position
Senior Offensive Security Consultant | Cyber Defense & Resilience | Romania
Work arrangement
Full-time
City
Bucharest
Country
Romania
Department
Consulting
Team
Cyber
Area of interest
Business Development, Consulting, Cyber, IT - Development, IT - Services, Project & Programme Management
Way of work
Hybrid

Description & Requirements

Who we are looking for
✔ Are you passionate about offensive security and thrive on uncovering vulnerabilities before adversaries do?
✔ Do you want to work with global and Hungarian clients on high-impact penetration tests and adversary emulation engagements?
✔ Are you eager to sharpen your skills in red teaming, threat intelligence, and cutting-edge attack simulation?


Join our Cyber Attack Surface Management team and help leading organizations strengthen their resilience by delivering intelligence-led offensive security engagements. Work alongside industry professionals, contribute to complex projects, and grow your career in one of the most dynamic areas of cybersecurity.

🎯 What we expect from you:

  • 5+ years of hands-on penetration testing/offensive security experience across domains.

  • OSCP certification (mandatory) – additional offensive certs (OSEP, OSED, CRTO, GXPN) are a plus.

  • Strong expertise in Windows, Linux, and Active Directory attack paths (Kerberoasting, AS-REP, ACL abuse, DCSync/DCShadow, LAPS, local admin hygiene).

  • Proficiency with core offensive tools: Burp Suite, Nmap, Metasploit/Impacket, BloodHound/SharpHound, Kerberos tooling, Responder/NTLM relay, JWT/OAuth/OIDC testing, cloud utilities (AWS/Azure/GCP).

  • Scripting/automation in at least two: Python, PowerShell, Bash, Go.

  • Strong communication skills – ability to write executive-level narratives and precise technical guidance.

  • Familiarity with MITRE ATT&CKthreat-led testing frameworks (e.g., TIBER-EU), and converting threat intel into emulation plans.


Your future role

As a Senior Offensive Security Consultant, you will:

  • Lead and deliver multi-domain penetration tests (external, internal, AD, cloud, wireless, web/API, mobile) from scoping to reporting, using PTES, NIST SP 800-115, and OWASP methodologies.

  • Build intelligence-led test plans, aligning with client use cases and mapping to MITRE ATT&CK.

  • Conduct adversary emulation (threat-led testing / TIBER-EU scenarios), including OSINT, phishing support, and post-exploitation tradecraft.

  • Correlate findings with threat intelligence and produce concise, actionable reports (executive summaries, exploit chains, remediation roadmaps).

  • Maintain and extend your ethical hacking toolkit (Burp Suite, Nmap, Impacket, BloodHound, Kerberos tooling, cloud assessment utilities, C2 frameworks).

  • Mentor junior consultants, review methodologies and deliverables, and contribute to internal knowledge bases.

  • Stay ahead of the curve by tracking the latest exploits, actor tradecraft, and detection evasion techniques.

  • Collect, triage, and analyze threat intelligence (feeds, reports, STIX/TAXII, MISP/OpenCTI, Shodan/Censys).

  • Map IOCs/TTPs to ATT&CK techniques and client detection capabilities.

  • Translate intel into repeatable emulation steps and validation criteria.


What we offer
Be part of a global team delivering cybersecurity solutions that make a real impact. You’ll work in an environment that values technical depth, learning, and collaboration. At Deloitte, we’ll help you grow your skills, gain international experience, and contribute to shaping the cybersecurity landscape. 🌍

👉 Fringe benefits:
  • Flexible Benefits Plan – an allowance per month for benefits (eg medical subscription, meal tickets, private pension)​.
  • Annual performance bonus.
  • Working in hybrid mode.
  • 2 additional days off per year for medical leave without a medical certificate​.
  • Comprehensive travel insurance (both work and personal travel)​.
  • Days off for special personal events, accordingly to the Internal Regulations​.
  • Bookster subscription​.
  • Learning & Development: LinkedIn Learning, Udemy for Business, getAbstract​.
  • The employee assistance program: 24/7 consultancy (financial, psychological, legal)​.
  • Teleworking allowance.

Selection process
We thank all applicants in advance for submitting their resumes but please note that only those candidates selected for an interview will be contacted.

1 step - HR Interview (10-15 minutes)
2 step - professional interview (45 minutes)
3 step - 2nd stage professional interview with business leaders (45 minutes)
4 step - Welcome on Board!

About Deloitte

We give you the means and the know-how, you bring the inspiration and the enthusiasm. Join Deloitte Romania and explore where and how far you can go, through the countless learning and professional development opportunities that our company offers and the continuous support of our friendly team!

In Romania, the services are provided by Deloitte Audit SRL, Deloitte Tax SRL, Deloitte Consultanta SRL, Deloitte Accounting SRL, Deloitte Fiscal Representative SRL, Deloitte Tehnologie SRL, Deloitte Support Services SRL, Deloitte Shared Services SRL as well as Reff & Asociații SPRL, the correspondent law firm of Deloitte in Romania, (jointly referred to as “Deloitte Romania) which are affiliates of Deloitte Central Europe Holdings Limited. Deloitte Romania is one of the leading professional services organizations in the country providing services in professional areas of audit, tax, legal, management consulting, financial advisory, risk management services, outsourcing solutions and technology consulting and other related services through over 3,400 national and specialized expatriate professionals. To learn more about how Deloitte makes an impact that matters, please visit www.deloitte.ro and connect with us on FacebookLinkedInYouTube and Instagram.

#LI-MB2




https://www.facebook.com/CareersAtDeloitteRomania  https://www.instagram.com/deloitteromania/  https://www.linkedin.com/company/deloitte  https://www.youtube.com/@deloitteromania4922

< Back to search jobs