Offensive Security Lead

We’re looking for an Offensive Security Lead to oversee day-to-day pentesting and delivery across our offensive security services while remaining close to the technical work. You’ll manage and mentor a team of elite pentesters and security engineers, ensure every engagement meets our standards for depth and accuracy, and act as the technical owner for complex client engagements.

This role sits at the intersection of hands-on offensive security, people leadership, and delivery excellence
. You’ll work closely with Sales, Product, and Leadership to support scoping, improve delivery processes, and help evolve our service offerings as the business scales.

• Oversee and contribute to penetration tests, red team activities, and advanced security assessments.
• Act as the technical escalation point for complex findings, edge cases, and client questions.

• Manage a team of pentesters and security engineers, providing technical guidance, feedback, and career development.
• Foster a culture of learning, curiosity, and high professional standards.

• Own engagement scoping, execution quality, and reporting standards.
• Ensure findings are accurate, reproducible, risk-focused, and actionable for engineering and compliance teams.

• Partner with Sales on technical discovery calls, scoping discussions, and proposal input.
• Help prospects understand real-world risk, testing depth, and value beyond checkbox compliance.

• Track and improve key delivery metrics (SLA adherence, retesting turnaround, utilization, client satisfaction).
• Identify bottlenecks and continuously refine delivery processes and tooling.

• Provide hands‑on input into the design and refinement of service lines (e.g., Red Teaming, AI/LLM testing, Secure Code Review, IoT).
• Help operationalize new offerings by defining scope, methodology, and delivery standards.

• 6–8+ years in offensive security with strong hands‑on experience in penetration testing, red teaming, or related domains.
• 2–3+ years in a technical leadership or management role within a consultancy or internal security team.
• Proven experience managing client engagements end‑to‑end in a professional services environment.
• Strong understanding of manual testing methodologies and frameworks (OWASP, ASVS, WSTG, and NIST 800).
• Working knowledge of compliance and audit contexts (SOC 2, ISO 27001, PCI DSS) and how offensive testing maps to them.
• Ability to balance technical depth with delivery ownership and people management.
• Clear, confident communicator with engineers, executives, and non‑technical stakeholders.
• Bias toward action, accountability, and high‑quality outcomes.

• Experience working with SaaS, Fin Tech, or Health Tech companies.
• Familiarity with PTaaS or portal‑driven delivery models.
• Offensive security certifications such as OSCP, OSEP, OSCE, or equivalent.