As an Offensive Security Manager, you will lead and develop Group's Offensive Security team, driving the company's proactive security efforts. In this role, you will not only manage day-to-day operations but also spearhead strategic enterprise initiatives aimed at advancing the company's ability to defend against and respond to emerging security threats. This position offers a unique blend of technical leadership and hands-on engagement, focusing on critical areas such as Penetration Testing, Bug bounty and Red Teaming. You will play a key role in ensuring the company's security posture remains robust and ahead of industry trends.

Responsibilities

• Offensive Security Strategy: Lead and develop the overall Offensive Security strategy, ensuring alignment with company objectives and evolving security threats.
• Penetration Testing: Drive internal and external penetration testing efforts, identifying vulnerabilities and ensuring timely remediation.
• Bug Bounty Program: Manage the company's bug bounty program, coordinating with external researchers to identify and address security flaws.
• Red Team Operations: Oversee Red Team exercises, ensuring they effectively simulate real-world attack scenarios and improve organisational readiness.
• Application & Infrastructure Security: Collaborate with other security teams to review and enhance the security of applications and infrastructure.
• Technical Security Reviews: Act as an SME within security reviews and assessments of new and existing systems, identifying gaps and recommending improvements.
• Security Policies and Procedures: Ensure that security policies and procedures are up to date, well-documented, and effectively communicated.
• Team Management: Manage the Offensive Security team's day-to-day operations, set objectives, and conduct regular performance reviews.
• Training and Development: Identify training needs for team members and provide coaching to develop their technical and professional skills.
• Resource & Budget Planning: Handle resource allocation and budget planning within the Offensive Security scope, ensuring cost-effective solutions.
• Key Results Management: Set and track key results for the team, ensuring the successful achievement of security goals.
• Conflict Resolution & Decision Making: Arbitrate conflicting priorities and make decisions in line with the company's best interests.

Requirements

• Experience:
  • 5+ years of experience in Offensive Security domains (Penetration Testing, Bug bounty, Red Teaming).
  • 3+ years of experience managing security teams, with a proven track record of leading projects and delivering results.
  • Expertise in two or more of the following areas: Application Security, System Security, Network Security, or Cloud Security.
• Technical Skills:
  • Strong hands-on experience with penetration testing tools and methodologies.
  • Familiarity with scripting languages (Python, Bash) for automation and security tasks.
  • Familiarity with GenAI
• Communication & Leadership:
  • Excellent verbal and written communication skills in English, capable of engaging with both technical and non-technical stakeholders.
  • Strong leadership skills, with the ability to mentor and guide team members.
• Strategic Vision:
  • Demonstrated ability to create and implement strategic security initiatives.
  • Ability to stay ahead of evolving security threats and technologies, ensuring the company's defenses remain strong.
• Project & Budget Management:
  • Experience in managing budgets and resources efficiently within a security environment.
  • Proven track record in managing and delivering security projects on time.
• Certifications:
  • Certifications such as OSCP, OSCE, or relevant Offensive Security certificates are highly desirable.

Ensure that you, and your team, adhere to the Governance, Risk & Compliance (GRC) obligations within your direct responsibility and control.

Ensure any non-compliance incidents within your team are raised through the appropriate channels (Compliance Incidents Process) and that your team are informed of any reporting processes relevant to them.

Challenge processes, policies and projects that will negatively impact compliance within the Group.

Ensure your team's completion of all mandatory compliance trainings within the set deadline.

Reach out to the Compliance Teams if unsure of any of your compliance obligations or the requirements are unclear.

LI-HYBRID #LI-ML1 #LI-MM1