Deloitte

Offensive Security Manager

Deloitte  •  Helsinki, FI (Hybrid)  •  1 hour ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Have you explored organizations attack surfaces from multiple angles and know how to turn exposures into actionable risk reduction? Do you thrive on uncovering hidden assets, misconfigurations and vulnerabilities before attackers do? Are you excited to shape how organizations understand, monitor and secure their external footprint against real-world threats?

We are looking to strengthen our growing Cyber team with an Offensive Security Manager with focus on bridging technical and non-technical worlds by coordinating and leading delivery of our offensive security engagements to our clients. The role resides primarily within our Attack Surface Management (ASM) offering team.

About us

Our Cyber team enables leading organizations across various industries to confidently pursue their growth, innovation, and performance objectives by effectively managing cyber risks. We believe security is about enabling business success, not just preventing bad things from happening. We offer advisory, implementation, and operational services that combine business, risk, and technology expertise to help clients in solving real security challenges for our clients— from designing robust architectures to implementing solutions that actually work and supporting them in production.

We're a passionate team of security experts within Deloitte's Nordic Cyber practice, part of the broader EMEA network. Our team thrives on collaboration, learning from each other, and staying at the forefront of security innovation. Become part of our international, multidisciplinary Cyber team, composed of individuals recognized as top talent in their respective fields.

Our Attack Surface Management (ASM) service helps organizations understand, reduce, and continuously manage their threat exposure. We provide program assessments, testing, design and build services to establish a robust ASM capability complemented by managed services that operate and continually refine the ASM program over time.

You can also read more about our services in general within Cyber team at Deloitte here

Your role

This is NOT a purely “hands-on hacker” role. We’re looking for someone with solid technical experience in attack surfaces, exposures, and tooling, who is equally interested in client-facing consulting and managing delivery. In this role, you will lead and contribute to client engagements, coordinate end‑to‑end delivery, and translate technical findings into clear, business‑relevant advice for stakeholders. While you will still be involved in delivery activities, your primary focus will be to:

  • Help coordinate our Attack Surface Management projects and workstreams
  • Drive project execution and ensure high‑quality outcomes
  • Help stakeholders understand impact and prioritize remediation actions

This is an ideal opportunity for an experienced ASM specialist who wants to move into a leadership path, owning client relationships, guiding teams, and shaping how ASM is delivered and evolved.

You won’t be working alone — you will collaborate with our global and local teams of cyber professionals, who bring a balanced mix of technical, legal, and business expertise to support you.

What You'll Actually Do:

  • Lead and execute ASM engagements (e.g., external attack surface assessments, penetration testing, red teaming, vulnerability management): Define scope, plan activities, manage timelines and resources, and act as the main point of contact for clients
    • Lead the design, implementation, and day-to-day management of project activities (e.g., facilitating workshops and status meetings) across client environments, ensuring stakeholders are aligned and informed throughout the engagement
    • Actively participate in the delivery of the projects depending on their size and scope
  • Translate technical findings into business-relevant insights: Analyse exposures and misconfigurations in the context of the client’s architecture, processes and business priorities
    • Communicate risk posture, prioritise issues based on impact and likelihood, and frame them in a way that supports decision-making by both technical and non-technical stakeholders
  • Advise, coordinate and oversee delivery: Review and validate outputs, focusing on what matters most for the client’s risk profile and environment
    • Provide pragmatic recommendations on how to reduce the external attack surface, enhance controls and improve processes to identify vulnerabilities, rogue assets, and exposure trends
    • Help clients integrate ASM outputs into their broader vulnerability management, SOC/Threat Intelligence and incident response capabilities
  • Build and nurture long-term relationships with stakeholders and clients by collaborating closely to understand their business needs and ensuring all engagements meet the highest quality standards
    • Support proposal development, including responding to RFPs and contributing to business development activities related to potential projects and engagements
  • Contribute to offering development Refine our ASM methodologies, tooling and accelerators, capture lessons learned from engagements, and help shape our go‑to‑market narrative and reusable assets

Why Deloitte?

🟢Deloitte employs 35,000+ dedicated cyber practitioners worldwide. We serve the biggest and most innovative companies across the globe as well as locally in Finland – solving complex problems, achieving remarkable goals, and making meaningful progress. We refer to ourselves as cyber leaders, strategists, advisors, hackers, and specialists.

🟢Create your own growth and development path based on your background and desired career goals with the help of your career coach. As the undisputed leader in professional services, Deloitte is where you’ll find unrivaled opportunities to:

  • Contribute to the latest thought-leadership and industry research relating to cyber security
  • Participate, grow and develop in other cyber security projects to realize your full potential

🟢 At Deloitte, we value every individual and prioritise feedback and coaching at all stages of your career. Our career development opportunities help you build the skills and capabilities you need to succeed and progress in your career

🟢 We have a flat hierarchy that is built around the strengths of our deloittees. We make a positive impact on each other, our clients, and society through our significant client projects

🟢 We work with a hybrid working model and aim to offer flexibility to our employees. We value face-to-face collaboration and learning at our modern office in Ruoholahti, while also providing opportunities for remote work

Qualifications

What we are looking for:

You are passionate about technology, particularly in the realm of securing IT environments and are committed to continuously expanding your knowledge. With 4 - 6 years of cybersecurity experience, ideally in a consulting capacity, you possess some of the following skills:

Technical skills:

  • Extensive experience in vulnerability management, penetration testing, red teaming, application security, or similar technical cybersecurity roles
  • Solid understanding of what organizations attack surfaces may consist of and typical exposure patterns
  • Experience conducting/delivering/presenting security posture analysis/assessments
  • Experience designing or managing ASM programs
  • Knowledge of relevant security frameworks, standards and regulations (e.g., TIBER-FI/EU, OWASP, MITRE, DORA, ISO 27001, NIST)
  • While not mandatory, relevant certifications or strong desire to accomplish one can be an advantage (e.g., OSCP, OSEP, OSED, OSEE, CRTO, CRTL, CRTE, CCRTS/CCSAS, CISSP). It is also seen as a plus if you have presented at security conferences or written technical blogs and whitepapers.

Soft skills:

  • Ability to make complex analysis and communicate it in a concise and clear manner, appropriately tailored to people from a very wide range of cultures, technical backgrounds and seniorities
  • Ability to work independently and as part of a team with good coaching skills to support the professional development of junior colleagues
  • Experience planning and leading project type work in an effective way
  • Continuous learning mindset and willingness to stay updated with industry trends, evolving technologies and threats
  • You get satisfaction from helping organizations whilst forming and maintaining long-term business partnerships/relationships requiring effective interpersonal skills

Requirements:

  • Fluency in English and in Finnish, both oral and written
  • You are required to be currently located in Finland, possess a valid residence permit and eligibility for security clearance (turvallisuusselvitys). We are currently not considering candidates requiring relocation

Additional Information

We look forward to receiving your application!

🕒 When: Apply latest by Wednesday 2nd of August please note that we are ready to start interviews already during the application period, especially now with quickly approaching summer holidays!

👉 How: Please submit your application through our recruitment system. Be sure to include your CV and cover letter. In your cover letter, please tell us what interests you about the role and what kind of colleague you would be

📞 Questions about the role: If you have any questions about the position, team or Deloitte as an employer, Kamil Lewandowski will be happy to answer. You can reach Kamil on Wednesday 8.7. between 9-10 or Monday 13.7. between 15-16.

📩 Questions about the recruitment process: You can read more about us and our recruitment process on our website If you did not find the answer you were looking for, please contact our recruitment team at rekry@deloitte.fi

💚 Get to know Deloitte: Look into our everyday life and discover more about us on LinkedIn, TikTok, Instagram, and Facebook

🎯 Not quite your role? Don’t hesitate to leave an open application on our website, you might be a perfect fit for another open role in our cyber team!

Together makes progress

At Deloitte, we value diverse skills, perspectives, and experiences, as they enable us to effectively solve complex challenges for our clients. We encourage you to apply for the position if you believe your skills can contribute to our team’s success.

You will have the opportunity to work alongside over 450,000 colleagues globally and nearly 900 colleagues in Finland across Audit & Assurance, Tax & Legal, and Consulting services. At Deloitte, it’s all about people, each with something special to offer. We collaborate closely with one another and with our clients, making great things happen. That’s how we create real change.

Deloitte is where you’ll find unlimited opportunities to succeed and realise your full potential, together.

Deloitte

About Deloitte

Deloitte drives progress. Our firms around the world help clients become leaders wherever they choose to compete. Deloitte invests in outstanding people of diverse talents and backgrounds and empowers them to achieve more than they could elsewhere. Our work combines advice with action and integrity. We believe that when our clients and society are stronger, so are we.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities. DTTL (also referred to as “Deloitte Global”) and each of its member firms are legally separate and independent entities. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more.

The content on this page contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively the “Deloitte Network”) is, by means of this publication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on content from this page.

Industry
Consulting & Advisory
Company Size
10,000+ employees
Headquarters
Worldwide, OO
Year Founded
1845
Social Media