
Manager, Offensive Cybersecurity – Penetration Testing
Posted 1 day ago

This is a fully remote position, open to applicants in California.
• Lead and manage penetration testing initiatives across enterprise applications, systems, networks, cloud platforms, and other relevant environments.
• Determine testing scope, methodology, and priorities informed by business risk, threat intelligence, and organizational goals.
• Validate vulnerabilities and attack pathways through manual testing, proof-of-concept creation, and adversary emulation techniques.
• Collaborate with engineering, infrastructure, and application teams to share findings, support remediation efforts, and enhance overall security posture.
• Guide, mentor, and develop team members to bolster offensive security capabilities and technical expertise.
• Establish and refine offensive security processes, methodologies, reporting standards, and quality controls.
• Create metrics and reporting systems to convey testing coverage, trends in findings, remediation progress, and program effectiveness to leadership.
• Work with cross-functional stakeholders to prioritize testing tasks and facilitate secure design and corrective actions.
• Develop or modify proof-of-concept exploits to confirm vulnerabilities and evaluate potential business impacts.
• Construct repeatable assessment and reporting processes that comply with audit, compliance, and governance requirements.
• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent professional experience; advanced degree is preferred.
• OSCP, OSEP, CRTP, CEH, CPT, CEPT, GPEN, or other recognized industry-standard penetration testing certifications are required.
• Over 7 years of combined IT and security experience, with wide-ranging exposure to systems analysis, application development, database design, networking, administration, identity, or other relevant responsibilities, is preferred.
• Minimum of 5 years of experience in information security is required.
• At least 3 years of experience conducting penetration testing is required.
• Ability to work independently and resolve technical and business process-related issues effectively.
• Develop expert-level knowledge in the entire information security stack.
• Create technical testing solutions for internal use.
• Capable of accurately analyzing and scoping vulnerability disclosures and CVEs.
• Proficiency in OWASP.
• Experience in leading penetration testing programs or engagements within a large enterprise setting.
• Strong understanding of threat vectors and containment strategies.
• Familiarity with Active Directory discovery, enumeration, and exploitation methods.
• Experience assessing cloud environments (AWS, Azure, GCP), including common misconfigurations, attack pathways, and defensive measures.
• Exceptional written and verbal communication skills, with the ability to present technical findings to both technical and non-technical audiences.
• Group health insurance benefits (medical, vision, dental).
• FSA and HSA healthcare accounts.
• Life and accident insurance.
• Adoption and fertility assistance.
• Paid parental leave of up to 6 weeks.
• Short/long term disability coverage.
• Paid time off for vacation, personal needs, and sick time.
• Up to 17 days of Choice Time Off (CTO) per calendar year.
• Up to 11 paid holidays per calendar year.
• Opportunity to contribute to a 401(k) savings and investment plan with employer matching.