Manager, Offensive Cybersecurity – Penetration Testing

Job Description: - Lead and oversee penetration testing engagements across enterprise applications, systems, networks, cloud platforms, and other in-scope environments.

- Define testing scope, methodology, and priorities based on business risk, threat intelligence, and organizational objectives.

- Validate vulnerabilities and attack paths through manual testing, proof-of-concept development, and adversary emulation techniques.

- Partner with engineering, infrastructure, and application teams to communicate findings, support remediation, and improve overall security posture.

- Lead, mentor, and develop team members to strengthen offensive security capabilities and technical depth.

- Establish and mature offensive security processes, methodologies, reporting standards, and quality controls.

- Develop metrics and reporting to communicate testing coverage, findings trends, remediation progress, and program effectiveness to leadership.

- Collaborate with cross-functional stakeholders to prioritize testing activities and support secure design and remediation efforts.

- Develop or adapt proof-of-concept exploits to validate vulnerabilities and assess potential business impact.

- Create repeatable assessment and reporting processes that support audit, compliance, and governance requirements.

Requirements: - Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience; advanced degree preferred.

- OSCP, OSEP, CRTP, CEH, CPT, CEPT, GPEN or other experienced industry standard penetration testing Certification(s) required.

- 7+ years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design, networking, administration, identity, or other responsibilities preferred.

- 5+ years’ experience in information security required.

- 3+ years’ experience performing penetration testing required.

- Work independently and troubleshoot technical and business process related issues.

- Develop subject matter expertise in the entire information security stack.

- Develop technical testing solutions for internal consumption.

- Ability to appropriately analyze and scope vulnerability disclosures, CVEs.

- Expertise in OWASP.

- Experience leading penetration testing programs or engagements in a large enterprise environment.

- Excellent understanding of threat vectors and containment methods

- Knowledge of Active Directory discovery, enumeration and exploit methods.

- Experience assessing cloud environments (AWS, Azure, GCP), including common misconfigurations, attack paths, and defensive controls.

- Excellent written and verbal communication skills, with the ability to present technical findings to both technical and non-technical audiences.

Benefits: - group health insurance benefits (medical, vision, dental)

- FSA and HSA healthcare accounts

- life and accident insurance

- adoption and fertility assistance

- paid parental leave of up to 6 weeks

- short/long term disability

- paid time off for vacation, personal needs, and sick time

- up to 17 days of Choice Time Off (CTO) per calendar year

- up to 11 paid holidays per calendar year

- opportunity to contribute to 401(k) savings and investment plan with employer match