Design, execute, and lead end-to-end penetration tests across a wide range of environments
Conduct penetration testing across software-as-a-service and platform-as-a service environments
Perform AI and machine learning application security assessments
Simulate real-world adversarial attack scenarios
Conduct vulnerability assessments, threat modeling, and risk analysis
Develop and maintain custom exploits, scripts, and tooling
Perform social engineering, phishing simulations, and physical security assessments
Architect and build a comprehensive, scalable penetration testing program
Define penetration testing standards, methodologies, playbooks, and reporting templates
Establish key performance indicators and metrics for the program
Serve as the primary point of contact for all internal and external penetration testing engagements
Collaborate with Engineering, DevSecOps, IT, Risk, and Compliance teams
Manage relationships with third-party vendors
Present findings, risks, and remediation strategies to executive leadership

10+ years of hands-on penetration testing experience in enterprise environments.
Proven experience building or significantly maturing a penetration testing program.
Extensive experience testing software-as-a-service and platform-as-a-service environments and cloud-native applications.
Strong knowledge of OWASP, PTES, NIST 800-115, MITRE ATT&CK, and CVSS frameworks.
Demonstrated experience leading and mentoring technical security teams.
Strong understanding of secure coding practices and software development lifecycle integration.
Experience writing detailed, executive-ready penetration test reports.
Excellent written and verbal communication skills, with the ability to translate complex technical findings for non-technical audiences.
Experience working in regulated industries, such as finance, healthcare, or technology, is preferred.

Senior Advanced Cyber Security Architect/Engineer

Key skills