Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
https://bayt.page.link/TAoK7r8UtM5FLLDQ7
Back to the job results

Offensive Security Manager

Yesterday 2026/11/08
Other Business Support Services
Create a job alert for similar positions
Job alert turned off. You won’t receive updates for this search anymore.

Job description

Who We Are



Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.
To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.



What You'll Do



As a Global Information Security Manager within the Offensive Security team, you will lead a critical portion of the organization’s Red Team capability, planning and delivering sophisticated adversary emulation exercises that assess the effectiveness of security controls across people, processes, and technology. You will combine deep technical expertise with program ownership, helping shape offensive security capabilities while partnering closely with stakeholders across Security Operations and Information Technology.




Working in a highly collaborative environment, you will drive complex engagements from planning through reporting, continuously improving offensive security methodologies and helping strengthen the organization’s cyber resilience. In addition to leading technical execution, you will mentor team members, influence security priorities, and contribute to the evolution of the Red Team function.




Responsibilities Include




  • Lead end-to-end red team engagements, including planning, execution, reporting, and post-engagement reviews.
  • Own a defined portion of the Red Team program, ensuring consistent delivery, quality, and operational effectiveness.
  • Design and execute realistic adversary emulation campaigns aligned with current threat intelligence, adversary techniques, and industry frameworks.
  • Design and implement automation pipelines for offensive security operations.
  • Lead assume-breach and purple team exercises to evaluate and improve defensive capabilities.
  • Develop and enhance offensive tooling, attack infrastructure, and methodologies to support complex security assessments.
  • Partner with Incident Response, Security Operations, IT, and Security leadership to remediate risk and strengthen detection, response, and cyber resilience.
  • Produce executive-ready reports that communicate attack narratives, business impact, and prioritized remediation recommendations.
  • Research emerging threats, offensive techniques, and security technologies while continuously improving offensive security methodologies and capabilities.
  • Provide technical leadership, coaching, and guidance during complex engagements, promoting knowledge sharing and operational excellence across the team.

What You'll Bring



  • 7+ years of experience in offensive security, adversary emulation, or red team operations.
  • Deep expertise in enterprise attack techniques across Active Directory, identity, endpoint, network, cloud, and application environments.
  • Hands-on experience with command-and-control frameworks, post-exploitation tooling, and offensive security automation.
  • Good knowledge and skill on AI-assisted offensive security techniques and emerging adversarial AI threats.
  • Knowledge to understand scripting languages e.g. Python, PowerShell, Bash etc.
  • Demonstrated ability to lead complex technical engagements and influence cross-functional stakeholders.
  • Strong analytical and problem-solving skills with the ability to translate technical findings into business risk and actionable recommendations.
  • Experience mentoring colleagues, sharing technical expertise, and driving continuous improvement across offensive security capabilities.
  • Excellent written and verbal communication skills with experience presenting to both technical and executive audiences.
  • Working knowledge of MITRE ATT&CK, adversary emulation methodologies, and modern detection and response practices.
  • Experience securing or assessing cloud platforms, including Azure, AWS, or Google Cloud, is preferred.
  • Experience with Kubernetes, container security, and Infrastructure as Code is preferred.
  • Background in malware analysis, reverse engineering, exploit development, or custom implant development is an advantage.
  • Contributions to security research, conference presentations, open-source tooling, or published technical content are valued.
  • Previous experience in Incident Response, Security Operations, or Blue Team functions is beneficial.

Who You'll Work With



You will be part of the Global Information Security organization within the Offensive Security team. In this role, you will collaborate closely with Security Directors, Senior Managers, Incident Response teams, Security Operations, Information Technology, Infrastructure, and other cybersecurity specialists.




You will also partner with cross-functional teams across the organization to strengthen cyber resilience through realistic adversary emulation, continuous improvement of detection and response capabilities, and the evolution of offensive security methodologies and tooling.



Additional info



This is an internal corporate security role supporting the organization’s global cybersecurity program.



Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.
BCG is an E - Verify Employer. Click here for more information on E-Verify.




This job post has been translated by AI and may contain minor differences or errors.
You’ve reached the maximum limit of 15 job alerts. To create a new alert, please delete an existing one first.
Job alert created for this search. You’ll receive updates when new jobs match.
Are you sure you want to unapply?

You'll no longer be considered for this role and your application will be removed from the employer's inbox.