• Provide technical leadership and expertise in penetration testing, guiding our teams in the identification and remediation of security vulnerabilities.
• Lead the design and implementation of comprehensive penetration testing programs, including vulnerability assessments, penetration tests, and red team exercises.
• Conduct in-depth security assessments of our systems and applications, identifying and prioritizing security risks and recommending appropriate remediation measures.
• Perform hands-on penetration testing activities, including network, web application, mobile application, and cloud infrastructure assessments.
• Develop and maintain custom exploit code, scripts, and tools to automate and streamline penetration testing activities.
• Collaborate with development teams to incorporate security best practices into the software development lifecycle (SDLC), including threat modeling, code review, and secure coding guidelines.
• Stay current with emerging security threats and trends, and proactively identify areas of improvement to enhance our security posture.
• Act as a trusted advisor to senior leadership on security matters, providing insights and recommendations to inform strategic decision-making.
• Mentor and coach junior security professionals, helping to build a culture of security awareness and vigilance across the organization.

• 10 years of experience in information security, with a focus on penetration testing and vulnerability management.
• Deep technical expertise in penetration testing tools and techniques, such as Metasploit, Burp Suite, Nmap, Wireshark, and Kali Linux.
• Extensive experience conducting penetration tests across a variety of platforms and environments, including on-premises, cloud, and hybrid environments.
• Strong understanding of security principles, protocols, and standards, including OWASP, NIST, and ISO/IEC 27001.
• Hands-on experience with secure coding practices, threat modeling, and code review techniques.
• Relevant certifications such as CISSP, CEH, OSCP, or GIAC.
• Excellent communication and collaboration skills, with the ability to effectively convey complex technical concepts to both technical and non-technical audiences.
• Proven leadership skills, with experience leading and motivating teams to achieve security goals and objectives.
• Ability to thrive in a fast-paced, dynamic environment, and adapt quickly to changing priorities and requirements.

PI240939169