Lead - Penetration Tester
Lead - Penetration Tester
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Summary:
You will be responsible for managing a team of penetration testers designing and executing complex security assessments and ensuring the security posture of critical systems and applications across our organization. You will also serve as a subject matter expert in identifying vulnerabilities providing remediation strategies and developing threat modeling.
Key Responsibilities:
Strategic & Operational Leadership
- Set the direction and scope of internal and external penetration testing engagements.
- Develop refine and maintain the organizations penetration testing methodology.
- Align red team activities with business objectives risk priorities and threat intelligence.
Team Management
- Lead mentor and coach a team of penetration testers red teamers and offensive security analysts.
- Conduct regular 1-on-1s career development planning and performance evaluations.
- Build a collaborative and high-performing team culture with continuous skills development.
Planning & Execution Oversight
- Oversee project timelines resource allocation and task delegation.
- Ensure timely delivery of assessments and reporting within defined SLAs.
- Manage team workflows using Agile or structured project management frameworks.
Quality Assurance & Reporting
- Review and approve penetration testing reports for clarity accuracy and risk relevance.
- Ensure all tests are conducted ethically legally and in line with organizational policy.
- Maintain consistency in reporting formats severity ratings and risk classifications.
Technical Guidance & Escalation
- Provide hands-on support in complex testing scenarios (e.g. privilege escalation advanced persistence).
- Serve as the go-to expert in bypassing modern defenses (EDR WAF MFA etc.).
- Troubleshoot and advise during real-time engagements or red/purple team exercises.
Continuous Improvement
- Stay current with threat trends TTPs (MITRE ATT&CK) and industry frameworks (OWASP PTES NIST).
- Recommend new tools scripts and techniques to keep the team ahead of emerging threats.
- Introduce automation playbooks and reusable exploits to improve testing efficiency.
Training & Development
- Develop internal training modules labs and tabletop exercises.
- Support certifications and knowledge-sharing within the team (e.g. OSCP OSCE CRTO).
- Organize internal red team simulations capture-the-flag (CTF) challenges or lab walkthroughs.
Stakeholder Communication
- Present technical findings and risk assessments clearly to non-technical stakeholders.
- Interface with IT development SOC and compliance teams to coordinate remediation efforts.
- Participate in executive briefings or incident response drills where red team input is required.
Compliance & Documentation
- Ensure testing procedures align with regulatory frameworks (ISO 27001 PCI-DSS NIST).
- Maintain documentation for all tools payloads testing infrastructure and evidence handling.
- Establish safe testing protocols to avoid disruption or unintentional damage during engagements.
Employment Type
Full Time
