Senior Manager - Offensive Security
Principal Duties Include Cyber Advisors seeks a Senior Manager (Offensive Security) to mature, lead and deliver the firm’s service offerings around system-wide views of threat-driven risks and applying them to the testing of systems and services that the firm delivers. The focus of the team will be to determine where vulnerabilities may exist within the people, processes and technology that enable the firm and then partner with system and service owners to assist in remediation and mitigation activities and the development of defensive controls. The successful candidate will have a proven track record of leading application penetration tests and advanced network exploitation operations, delivering technical leadership for an offensive security team and executing tactical, offensive assessments.
Responsibilities
Assist in the maintenance and growth of the offensive security practice with a focus on application security by formalizing testing processes, personnel development, practice deliverables, and best practices. Partner with sales and delivery teams to support pre-sales engagements, scope assessments, and solution development efforts Mentor and develop managers, leads, and senior consultants Influence hiring standards, interview calibration, and onboarding for senior technical roles within the practice Define and maintain practice playbooks, severity models, and exploitation guidelines Lead offensive security team members for Cyber Advisors, maximizing the efforts and satisfaction of all offensive security team members. Mature the program and methodology that shapes how Cyber Advisors approaches Threat Emulation, to include defining the rules and parameters for ethical hacking of systems, software and networks to identify and mitigate potential vulnerabilities Set direction and oversee the performance of penetration tests and Threat Emulation simulations on targets across all Cyber Advisors partners and customers Assisting in the sales process with potential or existing clients, and acting as a client’s primary program contact for projects delivered by Cyber Advisors’ Threat Emulation team As necessary, perform scoped and open-ended assessments on internal and external facing systems Perform threat and vulnerability research to identify new ways of achieving the program’s mission and act as a source for innovation within the cybersecurity industry Participate and contribute to Cyber Advisors’ social media presence on various platforms
Requirements
Bachelor’s degree or equivalent in Computer Engineering, Computer Science or a related field of study or at least 5 years of progressively responsible experience performing network and application security assessments and/or Cyber Red Team operations. Prior experience should include: performing application and network penetration tests, vulnerability assessments, infrastructure security reviews for web applications and their supporting network infrastructure and red team assessments that have tested security processes and controls. Work collaboratively with a variety of internal and external stakeholders (security consultants, project managers, service managers, development teams, technical SME’s, vendors) to deliver high quality assessments. Strong understanding of and experience with: Windows/Linux/Unix operating systems Networking fundamentals (all OSI layers, protocols, etc.) Operating system and software vulnerabilities and exploitation techniques Web and mobile application vulnerabilities and exploitation techniques Malware packing, obfuscation, persistence, exfiltration techniques Security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP amongst others Commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post-exploitation (e.g. Nmap, Nessus, Metasploit, Burp Suite, etc.) Project Management Demonstrated leader with team-oriented interpersonal skills, with the ability to interface effectively upper management, IT leadership and technology vendors. Develop and implement processes and/or tools that assist with execution of security assessments, including custom tools and automation Ability to collaborate and build positive relationships across multiple stakeholders Agile thinking and analysis that leads to win-win and innovative solutions Strong written and verbal communication skills. Calmness and clarity of thought under pressure and ability to maintain confidentiality. Ability to prepare and present project ideas and proposals to senior management Understanding of financial sector, or other large organization, security and IT infrastructures Willingness to work non-standard hours, if necessary Oral & written communication skills Primary Location Remote (Must be based in United States of America) Travel Depends on project requirements WHAT WE OFFER Competitive salary depending on skills and experience PTO and 8 Paid Holidays Employer-paid Health and Dental Insurance for CA employees Great opportunities for career advancement 401k with employer matching Disability and Life Insurance Apply To This Job