Manager Penetration Testing & Exploit Development

We are unable to sponsor as this is a permanent full time roleA prestigious fortune 500 company is on the search for a Manager of Penetration Testing & Exploit Development. This person will manage 8 to 10 people onshore and offshore. They will drive penetration testing for applications and systems penetration testing. They will secure the development within the cloud and work with vulnerability management. Key Responsibilities

• Own and drive the penetration testing program strategy for the Company Family of Brands including management of third party testing services and/or bug bounty programs
• Be a champion for vulnerability services and information security including broadening awareness and use of the team’s services, education of security best practices and integration with other business areas.
• Drive actionable metrics and reporting for operations and leadership transparency
• Provide prompt attention and visibility into risks, vulnerabilities, and issues serving as an escalation path for team member effectiveness
• Closely support and collaborate with other Cyber Security Operations teams
• Provide support on incidents and outages as necessary to enable effectiveness of the team and its operations
• Serve as subject matter expert related to penetration testing, secure development, and secure configuration
• Have the ability to understand and develop enterprise policy and technical standards with specific regard to secure development/deployment and vulnerability management
• Be able to successfully partner with other security and IT professionals to assess potential impact from vulnerabilities specific to Company’s environment, and determine and implement mitigating controls.
• Identify and recommend appropriate measures to manage and remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company.
• Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions.
• Ability to fully understand business requirements and work with them to define appropriate solutions security objectives while meeting the business need.
• Providing mentorship, coaching, performance management and support to team members with regard to advanced offensive security techniques, vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development.
• Continuously develop and execute training exercises and Capture the Flag activities for Cyber Security Operations Center teams to increase technical skills and understanding of the attacker mindset

• Bachelors and/or Masters Degree or equivalent experience in Information Security, Engineering, Computers Science, or related field
• 5+ years experience in penetration testing, offensive security, red teaming
• Drive to learn new things about vulnerability management, exploits, hacker techniques, and overall security operations
• Familiar with industry standard security best practices and multiple techniques for penetration testing
• Advanced experience with multiple open source tools for security testing
• Demonstrated ability to participate in cross functional teams, including offsite, remote and offshore resources
• Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing.
• Knowledge of PCI, HIPAA, ISO, NIST, and IT Controls
• CISSP, GPEN, GWAPT, GMOB, OSCP or other industry certification or expected completion of certification within 1 year of hire.