APPLY RIGHT NOW »

Breach and Attack Simulation Engineer

 

 

¿Can you imagine participating in the transformation of leading national and international organizations?

At Deloitte, we are committed to making an impact on society, our clients, and you.

 

 

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

 

As the Breach and Attack Simulation (BAS) Engineer you will perform tasks to identify vulnerabilities in Deloitte environments by simulating the attack paths and techniques likely to be used by malicious actors. The BAS Engineer will drive simulation, prioritization, and remediation of high risk cybersecurity vulnerabilities with internal Deloitte teams. The BAS Engineer will be familiar with creating threat profiles, installing BAS infrastructure, simulation execution, and creating reports for internal stakeholders for prioritized remedation. As part of the Global Cybersecurity function you will:

 

What is the challenge? 

 

  • Design, execute, and manage simulated cyber-attacks using BAS platforms to evaluate the effectiveness of security controls.
  • Facilitate the configuration and placement of Automated attack simulation infrastructure with internal stakeholders.
  • Establish and execute cyber exercises and partner with internal stakeholders to reduce risk.
  • Overcome delivery challenges, including but not limited to; priority conflicts, business versus technology perspective, resource availability and engagement.
  • Analyze simulation results to pinpoint gaps in detection, prevention, and response capabilities, delivering actionable recommendations to enhance defenses.
  • Hook BAS platforms into our security stack (SIEM, EDR, etc.) for seamless testing and insights.
  • Document simulation outcomes, vulnerability findings, and remediation plans, presenting insights to technical and non-technical stakeholders.
  • Team up with security analysts and engineers to tweak alerts, rules, and controls based on what you find.
  • Develop a roadmap of prioritized remediation activities to help address potential gaps, based on the criticality of findings and the organization’s specific threat profile.
  • Analyze, update, and modify procedures and processes to identify and continuously implement BAS process improvements.
  • Keep tabs on the latest attack trends and tactics (think MITRE ATT&CK) to keep our simulations cutting-edge.
  • Pitch in on red team drills or related projects when the need arises.

 

How do we imagine you?

 

  • Required:
    • Bachelor’s Degree preferably in an information technology-related field.
    • Approximately 3 years of experience in cybersecurity, with at least 1-2 years focused on breach and attack simulation and/or vulnerability management.
    • Familiarity with MITRE ATT&CK and how it maps to real-world threats.
    • Solid grasp of security tools—think EDR, firewalls, or IDS/IPS—and how they hold up under attack.
    • Proficiency in scripting or programming languages (e.g., Python, PowerShell, or C) for automation, custom simulations, and reporting.
    • General networking, host, and security based troubleshooting (firewalls, routing, NAT, etc).

 

  • Preferred:
    • Exposure to red teaming, penetration testing, purple teaming, or vulnerability management.
    • Experience working with breach and attack simulation (BAS) solutions are a bonus.
    • Security certifications are a bonus (CISSP, CISM, OSCP, Security +, etc).
    • GIAC certifications beneficial.
    • Familiarity with application, server, and network security.
    • Familiarity with configuration and administration of enterprise SIEM tools.

 

 

How is it to work at Deloitte?
 

🤩 High-impact projects where you will have a long journey and learning experience

☯️ A hybrid-flexible daily routine: you will have flexible hours and a good balance between remote work and teamwork in our offices or our clients’ offices

⚽ Good atmosphere inside and outside the office: you will enjoy several team buildings per year, cultural and sports activities... and much more!

🧘‍♀️ Comprehensive well-being: take care of yourself with our physical, mental, and financial health program... and with a medical team in the offices!

🤲 Social impact: You can sign up for a large number of national and international volunteer opportunities and pro-bono projects where you can put your time and talent at the service of those who need it most

🗣️Culture of feedback and continuous learning: you will grow in an inclusive environment where equal opportunities and your personalized training plan will boost your development. Can you already see yourself at the Deloitte University in Paris?

🤝 Exclusive benefits for being part of Deloitte: you will be able to enjoy a wide catalog of benefits and a complete flexible compensation plan

 
 

If you like what you read, here are your next steps:

 

  • Apply for the position by clicking on 'Submit application now' and complete your profile
  • If you are a good fit for the role, our talent team will contact you to get to know you better

 

Start the process! We will guide you through the different stages until your incorporation.

 
 
Deloitte is a professional services Firm strongly committed to equal opportunity. In this sense, the Firm will accept and process applications from all sectors of society, not discriminating based on sex, gender expression, race, religion or belief, ethnic or national origin, disability, disease or health condition, genetic predisposition. to suffer pathologies, age, citizenship, marital status, sexual orientation or identity, socioeconomic situation or any other personal or social condition or circumstance.
Location:  Madrid
Job Type:  Experienced
Service Line:  T&T
Req Id:  39674

APPLY RIGHT NOW »