We need a senior Penetration Tester Team Lead (2+ Years) or Newer Manager for a long-term Project (Multi-year). Candidates must have Team Lead experience or someone who moved into a management role over the last couple of years. . Demonstrated familiarity with common compliance frameworks including PCI, DSS/SOX, General Data Privacy Regulation (GDPR), NYS DFS 23 NYCRR Part 500, and/or ISO 27001/27002
No 8-year candidates. The client wants 10+ years of experience
We are looking for a Team Lead for Vulnerability Management and Penetration Testing to join our team in our Wilmington, DE office location (remote* remote available for the right candidate). We're looking for a versatile and hands-on engineer with cross-vertical technical expertise encompassing penetration testing strategy and execution, vulnerability management, static code analytics, and policy compliance. Here, you'll sit directly at the intersection of technical innovation and business engagement. You'll actively partner with our engineers along with our Security Management and Senior Leadership teams to lead initiatives across our highly distributed, multi-national footprint. You'll engage in both project execution and project leadership, working side by side with our Director of Vulnerability Management to ensure the fluid continuity of compliance programs across the enterprise. And as we continue to standardize our security posture, you'll have opportunities to influence change and see the impact of what you're doing each and every day to secure our global infrastructure.
On our team, you will:
- Lead initiatives and projects to support and enhance our penetration testing capabilities across an expansive environment that includes web and desktop applications as well as mobile and network devices
- Manage infrastructure scans and vulnerability assessment initiatives from project initiation to completion, optimizing the use of tools like Tenable, Rapid 7, and Qualys
- Bring your ideas forward, evaluating how to optimize the tools we're using and exploring technologies that could continue to enhance our security posture and ensure solutions scalability
- Develop and lead projects to continually analyze source code, pinpointing and remediating potential vulnerabilities upon discovery
- Manage compliance scanning process across the enterprise to identify and remediate potential risks and vulnerabilities as expeditiously as possible
- Continuously communicate that status of our security compliance projects and programs to provide updates and obtain buy-in from global engineering, business, security management, and senior leadership teams
Qualifications
- Minimum of 10+ years of experience in Information Security or a related role encompassing security compliance, penetration testing, vulnerability management, and/or static code analysis
- Prior experience leading projects and/or as a supervisor or team lead preferred
- Bachelor's degree in Computer Science, Information Security, Network Engineering, or a related technical discipline required; prior related technical experience may substitute for education
- Demonstrated familiarity with common compliance frameworks including PCI, DSS/SOX, General Data Privacy Regulation (GDPR), NYS DFS 23 NYCRR Part 500, and/or ISO 27001/27002
- Proven ability to engage with and secure buy-in from business, technical, and executive stakeholders required
- Demonstrate proficiency in Linux (Kali), the Metasploit framework, and with common Kali standard tools such as nikto, dirbuster, sqlmap, and/or nmap