Principal Consultant - Cyber Security (Offensive Security)

As one of the world's largest networks of audit, tax and consulting firms, RSM delivers big ideas and premium service to help middle-market businesses thrive. We are a fast-growing firm with big ambitions -- we have a clear goal to become the premium adviser to the middle market, globally. This vision touches everything we do, motivating and inspiring us to become better every day. If you are looking for a firm where you can build a future and make an impact, then RSM is the place for you.

Overview

Are you passionate about emerging technology, cyber, change, and risk management? We are.

There's never been a more exciting time to be a technology risk professional. Our world is ever more complex, interconnected, and reliant on technology and data to do business. While the digital opportunities for organisations are endless, the risks are becoming increasingly more complex to manage. RSM's global Technology & Cyber Risk Assurance practice provides assurance, advice, and solutions to enable our clients to manage their wide-ranging technology risks and move forward with confidence.

Our national client portfolio includes some of the most interesting and prestigious organisations that operate across all industry and Not for Profit sectors including financial services, technology, retail, manufacturing, automotive, gaming, healthcare, social housing, education and defence.

Overall job purpose

You won't stand still in our Cyber Security team which is a part of our wider Technology & Cyber Risk Assurance team. You'll work with our team of specialists and be a valued member of a diverse and inclusive team.

The purpose of this role is to assist in managing, delivering and leading cyber engagements across a diverse portfolio of clients across the breadth of the mid-market, ensuring both excellent client service and identification of further work opportunities. The role will involve managing the delivery of agreed work activities with a primary focus on technical security including offensive security services.

You'll benefit from ongoing coaching, career mentoring, and be supported by our career pathway. You will have an opportunity to continue to develop market leading skills across our different capabilities and advance your professional development by undertaking certifications such as Offensive Security Certified Professional (OSCP); CompTIA PenTest+; CHECK, CREST; Certified Information Systems Auditor (CISA); CompTIA Security+; Certified Ethical Hacker (CEH); Azure; AWS; Microsoft 365; Certified Information Systems Security Professional (CISSP); and Certified Information Security Manager (CISM).

About the role

We are seeking an enthusiastic cyber security consultant to join our team. Working alongside our experienced team of specialists, you'll be delivering assurance, advisory and offensive security services including digital footprint reconnaissance, social engineering, penetration testing and vulnerability assessments, cyber security incident response exercises and more to high profile clients across all industries.

We take professional development seriously, as a member of the team you will receive:

• Access to Internal workshops, dedicated cyber security training platforms and professional development resources.
• Access to an extended global network of highly experienced and qualified cyber security specialists.

This is a hybrid role with some travel to our offices and client sites required.

Responsibilities

As a Principal Consultant you'll be:

• Delivering cyber security engagements, from scoping through to delivery, debriefs and report writing.
• Contributing towards the development of exciting new market facing cyber security products and services and our internal knowledge sharing hubs.
• Supporting the development of other members of the team.
• Representing RSM in external meetings, including attendance at client workshops, audit committees, and regional networking events.
• Building trusted relationships with senior client stakeholders and identifying client and service opportunities.

Requirements for this role

• Demonstrable experience of delivering and leading cyber security advisory and offensive security testing engagements in a professional services context.
• Understand technology trends, cyber threats, and industry issues.
• Proficient in report writing.
• Experience with security testing techniques such as threat modelling, reconnaissance, social engineering, enumeration, attack path mapping, exploitation, and clean up from a variety of adversarial perspectives (white/grey/black box testing).
• Proficient in infrastructure and web application testing, with experience in API testing desirable.
• Proficient in using common commercial and open-source penetration testing tool sets including Kali Linux, Metasploit, Nmap, BurpSuite, Nessus and other industry standard tools.
• Hold an industry recognised certification (this can be at any level from Offensive Security Certified Professional (OSCP); CompTIA PenTest+; CHECK, CREST).
• Motivated to lead with purpose, innovate, and make a genuine lasting impact.
• Takes responsibility for work tasks and quality, managing own workload and deadlines under supervision.
• Confident with excellent written, oral communication, report writing and presentation skills.
• Able to work autonomously and as part of team.

#LI-AK1

Diversity and Inclusion at RSM
At RSM, we want to create a strong sense of belonging so that people of all identities, backgrounds, and cultures feel they can bring their true self to work. Our clients come from all walks of life. We aim to achieve that same diversity of background, experience and perspective in our own teams, so that we can genuinely understand our client's needs. Diverse teams bring a broader range of ideas and insights to work. That's why we're working together to ensure our firm's principles and processes support a firm culture that embraces difference and strengthens inclusion.