You have opted out of job matches in .
To undo this, go to the 'Skills and Interests' section of your preferences.
Posted 4 months ago
Requirements and responsibilities
Job DescriptionThe Manager – Penetration Testing leads CBTS’s Offensive Security practice, overseeing the delivery of high quality penetration tests, red team engagements, and threat emulation services. This role ensures technical excellence, consistent methodology, team development, and exceptional client value while driving practice growth.Key ResponsibilitiesLeadership & Team ManagementLead, coach, and develop a team of penetration testers, red-team operators, and offensive security consultants.Oversee capacity planning, engagement assignments, and resource utilization to ensure timely delivery.Create a culture of continuous learning, ethical conduct, technical innovation, and operational excellence.Mentor team members through advanced exploitation techniques, reporting best practices, and client communication.Service Delivery ExcellenceOversee execution of internal/external network penetration tests, application and API testing, cloud testing, wireless assessments, and social engineering.Ensure all engagements follow CBTS playbooks, methodologies, and compliance standards.Review technical findings, reports, and remediation guidance for accuracy, clarity, and completeness.Ensure engagements align with scope, timelines, and client expectations.Practice & Methodology DevelopmentMaintain and enhance the CBTS offensive security methodology, tooling, and reporting standards.Develop new service offerings, including adversary emulation, purple‑team services, cloud offensive testing, and industrial/OT security (as applicable).Oversee internal R&D to build custom tools, automation, and repeatable frameworks.Client Engagement & Stakeholder ManagementAct as executive‑level escalation point for clients during and after penetration testing engagements.Present findings to technical, security, and C‑suite stakeholders in business‑aligned language.Support the creation of Statements of Work (SOWs), scoping calls, and proposal development in partnership with Solutions Architects and Sales.Build long‑term client relationships and support new and repeat business opportunities.Quality Assurance & Risk ManagementEnsure adherence to legal, ethical, and contractual requirements in all offensive engagements.Manage operational risks, documenting and escalating critical issues appropriately.Maintain high standards for confidentiality, testing authorization, and data handling.Cross‑Functional CollaborationPartner with the Defensive Security, Cloud, and Managed Services teams to deliver integrated security offerings.Coordinate purple‑team engagements with detection engineering and SOC analysts.Work with Sales, Delivery, PMO, and Marketing teams to enable practice visibility and growth.Key Performance Indicators (KPIs)On‑time delivery and engagement qualityClient satisfaction (CSAT/NPS)Team development, upskilling, and retentionRevenue growth and utilization targetsStandardization and maturity of offensive security playbooksPractice innovation and tool developmentReduced rework and improved reporting qualityRequired Skills & CompetenciesTechnical ExpertiseAdvanced knowledge of:Network, application, API, and mobile penetration testingRed-team operations, adversary simulation, and MITRE ATT&CK frameworksCloud offensive security (AWS, Azure, GCP)Active Directory exploitation and post‑exploitationScripting/exploitation using Python, PowerShell, Bash, Go, or C#Familiar with blue‑team technologies, detection engineering, and EDR evasion.Leadership & Functional SkillsTeam development, performance coaching, and hiring talentAbility to simplify technical risk for business leadersStrong documentation, communication, and presentation skillsProject oversight, scoping, and workload managementStrategic thinking around cybersecurity program maturityBehavioral CompetenciesHigh integrity and ethical responsibility in offensive testingOwnership mindset and proactive leadershipCollaboration across technical and business teamsAdaptability in fast‑paced, evolving threat environmentsQualifications & Experience7–10+ years in penetration testing, red‑team, or offensive security roles2–4+ years in a leadership, team lead, or management capacityBachelor’s degree in Cybersecurity, Computer Science, or equivalent experiencePreferred Certifications:OSCP, OSCE, OSEP, OSWEGPEN, GXPN, GWAPTPNPTCloud security certifications (Azure/AWS/GCP security‑focused)#LI-REMOTE #LI-PK1 #LI-USADue to U.S. Government requirements applicable to foreign-owned telecommunications providers, non-US citizens may be required to submit to an extensive government agency background check which will necessitate disclosure of sensitive Personally Identifiable Information.The pay range for this role is:89,000 - 134,000 USD per year (Remote (United States)).
Optionally, you can add more information later (benefits, pre-screening questions, etc.)