×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Penetration Testing Manager

Job in Quincy, Norfolk County, Massachusetts, 02171, USA
Listing for: State Street
Full Time position
Listed on 2026-06-14
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Who We Are Looking For

We are seeking a Manager to lead State Street’s Penetration Testing Team, reporting into leadership within the Threat Intelligence and Assurance function. This role combines technical leadership with program ownership, focused on delivering high-quality, engineering‑driven penetration testing across a complex, highly regulated financial environment. You will be responsible for building and maturing a team that performs rigorous, hands‑on assessments across applications, networks, APIs, and cloud platforms, while establishing consistent, risk‑aligned testing practices.

The Manager is accountable for defining technical standards, ensuring depth and quality of testing, and delivering outputs that are evidence‑based, reproducible, and aligned with audit and regulatory expectations. Working closely with engineering, architecture, and risk partners, you will ensure testing results translate into measurable risk reduction and sustained improvements in secure system design and implementation.

What You Will Be Responsible For

As a Manager, Penetration Testing, you will:

  • Lead, mentor, and develop a team of penetration testers, fostering strong technical depth, hands‑on expertise, and continuous skill development across application, network, and cloud domains.
  • Own and evolve the penetration testing program, including methodologies, tooling, quality assurance practices, reporting standards, and risk‑based prioritization of testing activities.
  • Drive delivery of high quality, hands‑on testing across enterprise applications, APIs, infrastructure, and cloud environments, ensuring assessments are technically rigorous and aligned to real‑world exploitability.
  • Establish and enforce engineering‑centric testing standards, ensuring consistency, reproducibility, and depth across both internal and third‑party executed assessments.
  • Oversee and coordinate testing performed by external providers, including scoping, execution expectations, and technical validation of results to ensure quality and accuracy.
  • Ensure regulator and audit ready outputs, including clear documentation, evidence‑based findings, and reporting that ties technical vulnerabilities to business and risk impact.
  • Partner with engineering, infrastructure, and architecture teams to drive effective remediation, validate fixes, and improve secure design and development practices.
  • Integrate emerging technologies and techniques into the program, including AI/LLM‑focused testing approaches and assurance of enterprise AI deployments (e.g., prompt injection, model abuse, data exposure).
  • Track, analyze, and communicate program metrics, including coverage, risk trends, vulnerability recurrence, and remediation performance, providing clear insights to senior leadership.
  • Continuously improve program maturity, balancing technical depth with scalability, consistency, and alignment to evolving threats, technologies, and regulatory expectations.
What We Value

These skills will help you succeed in this role

  • Leadership through influence and accountability, with a focus on developing talent and building high‑trust teams.
  • Risk‑based decision making, prioritizing what matters most in complex, regulated environments.
  • Technical depth with strategic perspective—ability to connect hands‑on findings to enterprise risk outcomes.
  • Clear, executive‑ready communication tailored to technical and non‑technical audiences.
  • Curiosity and continuous learning, especially in emerging areas such as AI/LLM security.
  • Collaboration and partnership across engineering, risk, and business stakeholders.
  • Ownership and bias for action, ensuring issues are driven through remediation and closure.
Education &

Preferred Qualifications
  • 8+ years in offensive security with experience in high security/highly regulated environments; 2+ years leading teams preferred.
  • Deep expertise in network and application penetration testing, including enterprise attack paths and complex application ecosystems.
  • Strong knowledge of cloud, containerized environments, and identity‑centric architectures.
  • Demonstrated ability to translate findings into actionable, risk‑based remediation.
  • Strong stakeholder engagement and executive…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search