Principal Penetration Tester/ Offensive Security Team Lead

breachlock

India (Remote), posted 1 month ago

Employment: Full-time
Seniority: Staff

About the role

Role Summary

The Principal Penetration Tester/ Offensive Security Team Lead will lead and scale the organization's offensive security and penetration testing practice within a lean and fast-growing cybersecurity company. This is a player-coach role: the ideal candidate is expected to remain deeply hands-on, actively conducting and contributing to penetration testing engagements alongside leadership, delivery oversight, team mentorship, and business growth responsibilities.

This individual will set the technical bar for the practice — personally executing complex assessments, driving methodology excellence, and ensuring high-quality delivery across all client engagements. They will also support pre-sales activities and help establish the company as a trusted offensive security partner.

The ideal candidate thrives in a startup environment, leads by technical example, and is equally comfortable exploiting a misconfigured cloud environment in the morning and presenting findings to a CISO in the afternoon.

Key Responsibilities

Hands-On Technical Delivery

  • Personally conduct and contribute to penetration testing engagements across web applications, APIs, cloud environments, networks, mobile applications, wireless infrastructure, and enterprise systems.
  • Take direct ownership of complex, high-risk, or sensitive engagements requiring deep technical expertise.
  • Perform adversary simulation, exploit development, and advanced attack chain construction on client engagements.
  • Author and review high-quality technical reports — including detailed findings, evidence, risk ratings, and actionable remediation guidance.
  • Remain current with offensive tooling, exploitation techniques, CVE research, and emerging attack vectors through personal practice and research.

Practice Leadership & Delivery

  • Establish and continuously evolve testing methodologies, quality standards, reporting frameworks, and operational best practices.
  • Ensure timely, high-quality delivery of all client engagements while managing resource allocation and competing priorities.
  • Drive continuous improvement in offensive security capabilities, tooling, automation, and assessment approaches.
  • Lead internal research, proof-of-concept development, and red team innovation initiatives.

Technical & Strategic Responsibilities

  • Serve as the practice's foremost technical authority on offensive security, adversary simulation, and vulnerability assessment.
  • Guide and personally support advanced exploitation scenarios, novel attack surface assessments, and high-complexity engagements.
  • Track and operationalize emerging attack techniques, vulnerability disclosures, and threat trends relevant to client environments.
  • Contribute to development of new service offerings and scalable assessment models aligned with market demand.

Team Leadership

  • Build, mentor, and manage a small but high-performing pentesting team — leading by technical example, not just direction.
  • Conduct hands-on technical reviews, pair-testing sessions, and skill development initiatives for consultants.
  • Foster a collaborative, learning-oriented, and accountable team culture suited to a fast-paced environment.
  • Support hiring, onboarding, and technical capability development of new team members.

Client & Business Engagement

  • Serve as a trusted technical advisor to clients on offensive security risks, remediation priorities, and security posture improvement.
  • Lead client scoping discussions, technical walkthroughs, and executive briefings — translating complex findings into business-relevant risk.
  • Support pre-sales activities including proposal preparation, effort estimation, solution design, and technical demonstrations.
  • Collaborate with sales and leadership to grow client relationships and identify new service opportunities.

Operational Responsibilities

  • Contribute to delivery processes, utilization planning, and practice-level operational metrics.
  • Ensure all engagement activities comply with contractual, legal, confidentiality, and ethical requirements.
  • Assist leadership in strategic planning, revenue growth initiatives, and service expansion efforts.

Candidate Specifications

Required Qualifications & Experience

  • Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical discipline — or equivalent demonstrated experience.
  • 10+ years in cybersecurity with a heavy, sustained focus on hands-on penetration testing and offensive security.
  • Proven track record of personally executing penetration tests across multiple technology domains, not solely overseeing them.
  • Demonstrated experience leading or building penetration testing teams or offensive security practices.
  • Comfortable operating as an individual contributor on technical engagements while simultaneously carrying leadership responsibilities.
  • Experience engaging directly with enterprise clients and executive stakeholders.
  • Prior experience in fast-paced, lean, or startup-oriented environments strongly preferred.

Technical Skills

  • Deep, hands-on expertise in web application, network, cloud, API, mobile, and infrastructure security testing.
  • Proficiency with offensive security tools and frameworks (e.g., Burp Suite, Metasploit, Cobalt Strike, BloodHound, Impacket, custom tooling).
  • Strong command of exploitation techniques, post-exploitation tradecraft, lateral movement, and privilege escalation across Windows, Linux, and cloud environments.
  • Familiarity with secure architecture concepts, common attack vectors, and practical remediation approaches.
  • Working knowledge of cloud platforms (AWS, Azure, GCP), container security, identity security, and modern enterprise environments.
  • Familiarity with OWASP, NIST, PTES, MITRE ATT&CK, and CIS benchmarks.

Certifications (Preferred)

  • OSCP, OSWE, OSEP, OSED, CRTO, CRTE, LPT Master, or equivalent hands-on offensive security certifications strongly preferred.
  • CISSP or similar governance certifications are a plus but not a substitute for technical credentials.
