Responsibilities
- Manage a team of 10-15 penetration testers and ensure that tests are complete and accurate, and that reports are on time and meet the quality and thoroughness standards of a high-performing penetration testing company.
- Establish and evaluate the standards for penetration testers, identifying junior to senior, as well as dedication and commitment levels, support and improve training for team, and drive innovation and improvements.
- Maintain technical proficiency in penetration test disciplines, to provide guidance and mentoring across the scope of penetration testing.
- Support marketing, sales, outreach, and collaboration with other areas of the company.
- Support and improve the automation, reporting capabilities, and advancement of capabilities across the penetration test discipline. We look for creativity and organization.
- Occasional penetration testing will also be needed, so the incumbent should be an expert and maintain familiarity in the following areas:
- In-depth web application audits, cloud-based penetration tests, source code analysis, network penetration tests, cloud-based security/configuration reviews, mobile penetration tests, hardware assessments across multiple industries and environments.
- Creation of detailed penetration test reports in the English language (detailing the steps that were taken to exploit the issues and provide actionable remediation suggestions).
- Work with clients, participate in calls for scoping, kick-offs, and findings, to communicate the scope, status, results, and remediations, and support the smooth progress of the tests; escalate issues when needed.
- Create/script tools and exploits during the engagement to demonstrate a vulnerability with proof or write meaningful test cases (to test all attack theories).
- Take a hands-on approach to penetration testing. Very little automation is used (we take very deep dives into our targets to provide the best results). When automation is used, in-house tools or custom scripts are preferred.
- Contribute to in-house written tools (Python) to aid in the penetration testing process.
Experience and Qualifications
- Strong management skills with a very technical team, including performance reviews, corrective actions, recognition, etc.
- Prior experience managing a penetration test team, with skills establishing technical standards and improvements.
- Strong problem-solving skills (technical and non-technical). High degree of autonomy in managing and solving tasks, making sound decisions and prioritizing actions effectively to ensure deadlines and client objectives are met.
- Good attention to detail and ability to complete tasks by the deadline
- Well organized and able to work autonomously
- Technical curiosity and self-starter
- Capable of performing in-depth penetration tests for Web Applications, Source Code Auditing, Cloud-based services, Network Penetration tests, Mobile Penetration Tests, among others.
- Strong understanding of vulnerabilities and mitigation controls
- Capable of focusing on clearly defined objectives when the client requires
- Capable of creative thinking to generate and test attack theories to detect vulnerabilities based on your understanding of the targets.
- Commitment to the cybersecurity discipline and willingness to support the rest of Appgate, when needed.
- Willing to share knowledge with the team or act as a mentor in areas of strength and expertise (as the team will share knowledge with you).
Qualifications
- Experience leading or managing a very technical team
- Proven management experience with a highly technical team of penetration testers.
- Proven experience as a Penetration Tester: 10+ years strongly preferred
- Excellent understanding of protocols, networks, firewalls, intrusion detections, common deployment strategies, source code development cycles and coding patterns
- Proficiency in scripting languages (Python is preferred)
- Strong problem-solving skills and ability to think creatively like a hacker
- Strong familiarity with penetration testing tools and methodologies
- Comfortable leading technical scoping and findings calls with customers across a variety of industries. Your technical skills will be challenged during these calls so you must be confident in your technical abilities.
- A pipeline or workflow for staying up to date on current security trends
- Comfortable writing custom tools that aid in penetration testing tasks (capable of turning a vision into a reality)
- Comfortable running an international team across several time zones.
- Skilled at multitasking in a fast-paced environment
- A passion for cybersecurity