×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Penetration Testing

Job in Philadelphia, Philadelphia County, Pennsylvania, 19117, USA
Listing for: Logic Hire Solutions LTD
Full Time position
Listed on 2026-07-08
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 185000 - 195000 USD Yearly USD 185000.00 195000.00 YEAR
Job Description & How to Apply Below

Overview

Job Title: Manager, Penetration Testing (Offensive Security Lead)

Location: Hybrid – Princeton, NJ | Clifton, NJ | Berwyn, PA | Austin, TX | Boston, MA | Quincy, MA

Salary Range: $185,000 - $195,000 + Performance Bonus

Department: Threat Intelligence & Assurance

Role Summary

We is seeking a highly technical Manager to lead our internal Penetration Testing Team. Reporting to senior leadership within the Threat Intelligence and Assurance function, this role is a hybrid of technical leadership and program ownership
. You will be responsible for building, mentoring, and maturing a team of elite testers tasked with securing one of the world's most complex financial infrastructures.

This is not a "check-the-box" compliance role. We require an engineering-driven approach to offensive security. You will establish rigorous, evidence-based testing standards across applications, networks, APIs, and multi-cloud environments. Your leadership will ensure that testing outputs are regulator-ready, actionable, and directly translate into measurable risk reduction for the enterprise.

What You Will Be Responsible For Team Leadership & Mentorship
  • Lead, mentor, and develop a team of penetration testers, fostering deep technical expertise and continuous skill development.
  • Cultivate a "Purple Team" mindset, ensuring testers collaborate effectively with defenders to improve detection and response capabilities.
  • Manage resource allocation, capacity planning, and professional development roadmaps to retain top-tier talent.
Program Ownership & Maturation
  • Own the lifecycle of the penetration testing program, including methodologies (e.g., OWASP, PTES, MITRE ATT&CK), tooling selection, QA practices, and reporting standards.
  • Establish and enforce engineering-centric testing standards to ensure consistency, reproducibility, and depth across internal and 3rd-party assessments.
  • Develop a risk-based prioritization model to ensure testing focuses on critical assets and emerging threat vectors.
Technical Execution & Hands-On Oversight
  • Drive delivery of high-quality, hands-on testing across diverse landscapes:
  • External/Internal Network:
    Bypassing firewalls, routers, switches, and segmentation controls.
  • Web Applications & APIs:
    Deep-dive assessments of RESTful, GraphQL, and SOAP APIs.
  • Cloud Platforms:
    Complex attack path identification in AWS, Azure, and GCP (IaaS, PaaS, SaaS).
  • Serve as the technical escalation point, assisting the team with complex exploitation chains, privilege escalation, and lateral movement techniques.
  • Oversee and coordinate testing performed by external providers, including scoping, technical validation of results, and ensuring adherence to State Street’s quality standards.
Audit, Governance, & Remediation
  • Ensure outputs are "Audit-Ready":
    Clear documentation, evidence-based findings, and reports that tie technical vulnerabilities to business impact and regulatory risk (e.g., FedRAMP, GLBA, NYDFS).
  • Partner with engineering, infrastructure, and architecture teams to drive effective remediation, validate fixes, and improve secure design/development practices.
Innovation & Emerging Tech (AI/ML Security)
  • Spearhead the integration of emerging technologies into the program, specifically focusing on AI/LLM security. This includes testing enterprise AI deployments for prompt injection, model abuse, data leakage, and insecure output handling.
  • Evaluate and integrate AI-assisted tools to automate reconnaissance, fuzzing, and vulnerability validation to increase team throughput.
Metrics & Reporting
  • Track, analyze, and communicate program KPIs (e.g., Mean Time to Remediate, vulnerability recurrence rates, coverage percentage) to senior leadership, translating technical jargon into clear business risk posture.
What We Value (Core Competencies)
  • Leadership via Influence:
    Ability to lead without explicit authority; building high-trust teams and developing future leaders.
  • Risk-Based Decision Making:
    Prioritizing what matters most in a highly regulated, complex environment.
  • Strategic Perspective:
    Connecting a technical finding (e.g., a buffer overflow) to enterprise risk outcomes (e.g., data breach impact).
  • Executive Communication:
    Ability to…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary