Senior Manager – Offensive Security

Job Description: - mature, lead and deliver the firm’s service offerings around system-wide views of threat-driven risks and applying them to the testing of systems and services that the firm delivers.

- Partner with sales and delivery teams to support pre-sales engagements, scope assessments, and solution development efforts

- Mentor and develop managers, leads, and senior consultants

- Influence hiring standards, interview calibration, and onboarding for senior technical roles within the practice

- Define and maintain practice playbooks, severity models, and exploitation guidelines

- Lead offensive security team members for Cyber Advisors, maximizing the efforts and satisfaction of all offensive security team members.

- Mature the program and methodology that shapes how Cyber Advisors approaches Threat Emulation, to include defining the rules and parameters for ethical hacking of systems, software and networks to identify and mitigate potential vulnerabilities

- Set direction and oversee the performance of penetration tests and Threat Emulation simulations on targets across all Cyber Advisors partners and customers

- Assisting in the sales process with potential or existing clients, and acting as a client’s primary program contact for projects delivered by Cyber Advisors’ Threat Emulation team

- As necessary, perform scoped and open-ended assessments on internal and external facing systems

- Perform threat and vulnerability research to identify new ways of achieving the program’s mission and act as a source for innovation within the cybersecurity industry

- Participate and contribute to Cyber Advisors’ social media presence on various platforms

Requirements: - Bachelor’s degree or equivalent in Computer Engineering, Computer Science or a related field of study or at least 5 years of progressively responsible experience performing network and application security assessments and/or Cyber Red Team operations.

- prior experience performing application and network penetration tests, vulnerability assessments, infrastructure security reviews for web applications and their supporting network infrastructure and red team assessments that have tested security processes and controls.

- Work collaboratively with a variety of internal and external stakeholders (security consultants, project managers, service managers, development teams, technical SME’s, vendors) to deliver high quality assessments.

- Strong understanding of and experience with Windows/Linux/Unix operating systems

- Networking fundamentals (all OSI layers, protocols, etc.)

- Operating system and software vulnerabilities and exploitation techniques

- Web and mobile application vulnerabilities and exploitation techniques

- Malware packing, obfuscation, persistence, exfiltration techniques

- Security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP amongst others

- Commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post-exploitation (e.g. Nmap, Nessus, Metasploit, Burp Suite, etc.)

- Project Management

- Demonstrated leader with team-oriented interpersonal skills, with the ability to interface effectively upper management, IT leadership and technology vendors.

- Develop and implement processes and/or tools that assist with execution of security assessments, including custom tools and automation

- Ability to collaborate and build positive relationships across multiple stakeholders

- Agile thinking and analysis that leads to win-win and innovative solutions

- Strong written and verbal communication skills.

- Calmness and clarity of thought under pressure and ability to maintain confidentiality.

- Ability to prepare and present project ideas and proposals to senior management

- Understanding of financial sector, or other large organization, security and IT infrastructures

- Willingness to work non-standard hours, if necessary

Benefits: - PTO and 8 Paid Holidays

- Employer-paid Health and Dental Insurance for CA employees

- Great opportunities for career advancement

- 401k with employer matching

- Disability and Life Insurance