Job description
Director – Pentesting Solutions
Role Summary
The Director – Pentesting Solutions will lead and scale the organization’s offensive security and penetration testing practice within a lean and fast-growing cybersecurity company.
This role combines technical leadership, client advisory, delivery oversight, team management, and business growth responsibilities.
The individual will be responsible for ensuring high-quality execution of penetration testing engagements, developing service capabilities, mentoring consultants, supporting pre-sales activities, and helping establish the company as a trusted cybersecurity partner.
The ideal candidate is an experienced offensive security leader who can operate effectively in a startup environment, balance strategic and hands-on responsibilities, and build scalable security assessment practices across diverse client environments.
Key Responsibilities
Practice Leadership & Delivery
Lead and oversee penetration testing engagements across web applications, APIs, cloud environments, networks, mobile applications, wireless infrastructure, and enterprise systems.
Establish and maintain testing methodologies, quality standards, reporting frameworks, and operational best practices.
Ensure timely and high-quality delivery of client engagements while managing competing priorities and resource allocation.
Review technical findings, risk ratings, remediation recommendations, and final assessment reports for accuracy and quality.
Drive continuous improvement in offensive security capabilities, tooling, automation, and testing approaches.
Technical & Strategic Responsibilities
Provide subject matter expertise in offensive security, adversary simulation, vulnerability assessment, and security architecture weaknesses.
Guide complex security assessments and assist with advanced exploitation or high-risk engagements when required.
Track emerging attack techniques, vulnerabilities, and threat trends relevant to client environments.
Contribute to development of new service offerings and scalable assessment models aligned with market needs.
Support internal security research, proof-of-concept development, and innovation initiatives.
Team Leadership
Build, mentor, and manage a small but high-performing pentesting and offensive security team.
Conduct technical reviews, performance coaching, and skill development initiatives for consultants.
Foster a collaborative, learning-oriented, and accountable team culture suitable for a fast-paced environment.
Assist with hiring, onboarding, and capability development of new technical team members.
Client & Business Engagement
Serve as a trusted advisor to clients on offensive security risks, remediation priorities, and security improvement strategies.
Participate in client meetings, scoping discussions, technical presentations, and executive briefings.
Support pre-sales activities including proposal preparation, effort estimation, solution design, and technical demonstrations.
Collaborate with sales and leadership teams to expand client relationships and identify new business opportunities.
Operational Responsibilities
Contribute to development of delivery processes, utilization planning, and practice-level operational metrics.
Ensure engagement activities align with contractual, legal, confidentiality, and ethical requirements.
Assist leadership in strategic planning, revenue growth initiatives, and service expansion efforts.
Candidate Specifications
Required Qualifications & Experience
Bachelor’s degree in Computer Science, Information Security, Engineering, or a related technical discipline.
10+ years of experience in cybersecurity with significant focus on penetration testing and offensive security.
Demonstrated experience leading penetration testing teams or offensive security practices.
Strong hands-on experience performing and reviewing penetration tests across multiple technology domains.
Experience interacting directly with enterprise clients and executive stakeholders.
Prior experience working in fast-paced, lean, or startup-oriented environments preferred.
Technical Skills
Strong understanding of web application, network, cloud, API, mobile, and infrastructure security.
Experience with offensive security tools, frameworks, and methodologies.
Familiarity with secure architecture concepts, common attack vectors, and remediation approaches.
Knowledge of industry frameworks and standards such as OWASP, NIST, PTES, MITRE ATT&CK, and CIS benchmarks.
Understanding of cloud platforms, container security, identity security, and modern enterprise environments.
Certifications (Preferred)
OSCP, OSWE, OSEP, CRTP, LPT Master, CISSP, or equivalent offensive security certifications preferred.
This job post has been translated by AI and may contain minor differences or errors.