The Offensive Operations Manager will provide operational and tactical leadership to our RedSec Team. The core mission of this team is to identify threats through ethical hacking events before they affect clients and advising clients how to strengthen their security posture based on the results of these events.
Direct Reports: The Infrastructure and Web App Offensive Operators report to the Manager, Offensive Operations.
Principal Responsibilities
Lead by example through the NuHarbor corporate values: Protect our house, Help clients win, Always improve.
Direct team efforts and prioritization through investigation, scoping, pricing, and proposal development support for NuHarbor offensive operations engagements
Schedule and manage team workload to create a balanced and scalable delivery capability, including client and career growth assignments
Build and encourage self-directed teams, fostering a collaborative culture that drives both cooperative effort and individual accountability
Develop and direct repeatable engagement processes to ensure consistent on-time and high-quality delivery
Promotes a culture of excellence by maintaining the highest expectations of performance while creating and managing to key performance indicators
Work closely with NuHarbor executive management to ensure appropriate measures and delivery against goals of utilization, profitability, and staff satisfaction
Collaborate with leadership on the development of security analysis and advisory capabilities and product offerings
Develop and manage the Offensive Operations group to established productivity and operational budget metrics
Key Capabilities
Demonstrated performance in the following capabilities:
Bachelor's Degree in a related field, eight (8) years of experience working in application development, cybersecurity, or related technical positions.
In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required
A minimum of three (3) years experience managing a cybersecurity services team
A minimum of five (5) years' experience in cybersecurity assessment and testing, with knowledge of security fundamentals, application vulnerabilities, application attack vectors, penetration testing methodologies, and tools
Demonstrated experience in technical writing and remediation guidance
Ability to handle competing priorities and deliver results in a fast-paced environment.
Experience with data visualization tools and strong analytical skills
Strong communications skills for both technical and management/executive-level audiences on topics of cybersecurity and vulnerability management
Demonstrated knowledge of application architectures, databases, infrastructure design and implementation
Must be a citizen of the United States
Preferred Qualifications
Demonstrated experience successfully leading customer-facing teams who work with cybersecurity technology platforms
Experience utilizing metrics report on service program effectiveness and productivity and to inform process improvement opportunities.
Experience with security event triaging and threat hunting executed through both a SIEM and EDR toolset.
Hold at least one industry certification (GPEN,CompTIA Security+, CISM, CISSP, CeH)
Previous roles in established managed security service provider organizations
Work Location: Headquarters inColchester, VTpreferred. Northeast Remote considered.
Travel: Occasional business travel for client engagements, training, and professional conferences.