Offensive Security Team Leader

Offensive Security Team Leader Key Responsibilities Leadership & Mentorship:

• Team Leadership: Lead, mentor, and grow a high-performing offensive security team.
• Professional Development: Build personalized growth plans for team members, conducting code reviews, technical workshops, and one-on-one coaching sessions. Management: Manage resource allocation, prioritize tasks, and handle multiple complex projects simultaneously under tight deadlines. Operational Excellence:
• End-to-End Delivery: Manage the full lifecycle of offensive engagements—from initial scoping and "Rules of Engagement" definition to final delivery and debriefing.
• Red Teaming: Lead complex, scenario-based Red Team operations, simulating advanced adversaries (APTs) to test detection and response capabilities.
• Cloud & AppSec: Oversee deep-dive penetration testing for Web Applications, APIs, and Cloud Native environments (AWS, Azure, GCP, Kubernetes). Strategy & Business Value:
• Business Impact: Translate complex technical findings into clear, actionable business insights. You will explain risk and impact to stakeholders (C-level, R&D, DevOps) rather than just listing vulnerabilities.
• Innovation: Foster a culture of creativity and "outside the box" thinking to challenge existing security assumptions.

Experience & Background:

• 5+ years of hands-on experience in Offensive Security (Penetration Testing / Red Teaming).
• 2+ years of experience in a leadership or team lead role, with a proven track record of managing people and projects.
• High proficiency in English (verbal and written) – mandatory. Technical Expertise:
• Deep understanding of Red Team methodologies: AV/EDR evasion, C2 infrastructure setup, Active Directory and Network Red Team methodology, Cloud Red Team methodology, and Social Engineering Techniques.
• Expertise in Application Security: OWASP Top 10, logic flaws, and API security.
• Strong hands-on experience with Cloud Security penetration testing in AWS, Azure, or GCP, including Kubernetes (K8s) and container security. Certifications:
• Must have at least one advanced certification: OSCP, OSEP, OSWE, GCPN, GXPN or equivalent industry-recognized credentials. Soft Skills & Mindset:
• Business-Oriented Communication: Exceptional ability to simplify complex technical concepts and present them to non-technical management.
• Proactive Approach: Ability to identify gaps in processes and suggest improvements without being asked.
• Creativity: A hacker mindset—always looking for the exception, the edge case, and the creative bypass. Advantages:
• Experience with Physical Security Penetration Tests.

Full time Job Location: Tel Aviv, Hybrid

We at Deloitte believe that diversity and inclusion among our people is a critical component of our success and that is why we cultivate an organizational culture that contains and embraces diversity in all its forms.