Offensive Security Team Leader (FinTech/Cryptocurrency)

Offensive Security Team Leader (FinTech/Cryptocurrency)

Our client, a global FinTech with operations in Africa is looking to appoint an experienced Application Security Team Lead to join their team.

Job Type: Remote | Full-Time

Requirements

• Bachelor s degree in Computer Science or related field, or equivalent industry experience
  
• Relevant certification e.g., CISSP, SANS GWEB, SANS GWAT, Certified Ethical Hacker
  
• 5+ years of experience in mobile and web application penetration testing
  
• 5+ years of professional experience with security engineering practices, including: web application security, network security, authentication and authorization protocols, cryptography, automation, and other software security disciplines
  
• 5+ years of experience with dynamic and static code auditing to identify security issues
  
• 3+ years of experience leading an offensive security team
  
• Experience in Bug Bounty recognition
  
• Experience with threat modelling, design review, or other threat analysis techniques
  
• Deep understanding of attack surfaces, including hands-on experience with various
  
• Cybersecurity technologies and standards (MITRE ATT&CK framework)
  
• Hands on experience with testing frameworks such as the PTES and OWASP
  
• Updated and familiarised with the latest exploits and security trends
  
• Knowledge of cloud service providers and their offerings, preferably AWS, and its various technologies and services
  
• Experience in various security domains (e.g. system and network security, authentication and security protocols, cryptography, application security, incident response)
  
• Experience in developing security tooling and automation
  
• Critical thinking, articulate, strong in your domain, dedicated and passionate about the work you are doing
  

Responsibilities

Benefits

• In this role, you will attack our clients services, applications, and websites to discover security issues and report them to our internal engineering teams
  
• Leading high quality application penetration tests independently, or as part of a team
  
• Creating detailed engagement plans and thoroughly documenting findings, gaps, and remediation recommendations
  
• Developing and implementing improvements to team tooling, innovation, and processes
  
• Setting team strategy, direction, and priorities
  
• Advancing strategic initiatives by influencing leadership, key stakeholders, and partnering with teams throughout the company
  
• Leading effective teamwork, communication, collaboration and commitment across multiple disparate groups with competing priorities
  
• Communicating and collaborating with partner teams, service owners, Information
  
• Security, and senior leadership to influence, prioritise, and drive the resolution of discovered security findings
  
• Show exemplary judgement in making technical trade-offs between short-term fixes and long-term security and business goals
  
• Demonstrate resilience and navigate ambiguous situations with composure and tact
  
• Provide thought leadership for the organisation as you discover, invent, and innovate throughout the course of your duties.
  
• A strong sense of customer obsession is necessary to focus on the ultimate goal of keeping the company and its customers secure.
  
• Speak authoritatively on behalf of your team and that your technical knowledge demonstrates both depth and breadth
  
• Be responsible for your team s organisational structure and how that team works within the context of the larger the company s Security team. Leveraging the strengths of individual team members, delegating tasks appropriately and managing delivery of long term projects will all be critical tasks for this role.
  
• Be able to define metrics to quickly and accurately present the team performance and variance against its goals.
  
• Participate in and/or coordinate segments of cross-business initiatives, communicating status and results effectively across the teams.
  
• Seek out stretch assignments for your team and foster their professional career development.
  
• Exude your upbeat energy and enthusiasm each and every day to motivate your team to be the best they can in every aspect of what they do
  
• Celebrate the success of others by recognising the contributions of committed team
  
• members and their achievements
  
• Align your values with the Mission, Vision and Values of the company s team
  
• Be a role model for the company s client s organisational culture by creating a positive impact at every touchpoint with people, with every word you say or put in print and everything you do
  
• Communicate in a fashion that is respectful and well understood
  
• Collaborate with your peers to collectively think of innovative ideas that drive business through technology
  
• Build and utilise working relationships with internal business partners across the organisation and external business contacts
  
  

Do we spark your interest? Then send us your CV today!

We are looking forward to hearing from you!

----

Blackpen Recruitment is a global recruitment agency that targets European, African and American Markets with headquarters based in Malta and Cape Town. Blackpen specialises in FinTech, Cryptocurrency, Startup and iGaming Recruitment.

Bachelor s degree in Computer Science or related field, or equivalent industry experience Relevant certification e.g., CISSP, SANS GWEB, SANS GWAT, Certified Ethical Hacker 5+ years of experience in mobile and web application penetration testing 5+ years of professional experience with security engineering practices, including: web application security, network security, authentication and authorization protocols, cryptography, automation, and other software security disciplines 5+ years of experience with dynamic and static code auditing to identify security issues 3+ years of experience leading an offensive security team Experience in Bug Bounty recognition Experience with threat modelling, design review, or other threat analysis techniques Deep understanding of attack surfaces, including hands-on experience with various Cybersecurity technologies and standards (MITRE ATT&CK framework) Hands on experience with testing frameworks such as the PTES and OWASP Updated and familiarised with the latest exploits and security trends Knowledge of cloud service providers and their offerings, preferably AWS, and its various technologies and services Experience in various security domains (e.g. system and network security, authentication and security protocols, cryptography, application security, incident response) Experience in developing security tooling and automation Critical thinking, articulate, strong in your domain, dedicated and passionate about the work you are doing Responsibilities