
Senior Offensive Security Manager

Job in San Francisco, San Francisco County, California, 94199, USA
Listing for: Dormont Manufacturing Co
Full Time position
Listed on 2026-07-04
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, AI Engineer (Applied/Software)
Salary/Wage Range or Industry Benchmark: 275000 - 300000 USD Yearly
Job Description & How to Apply Below

Who Are We?

Postman is the world’s leading API platform, used by more than 45 million developers and 500,000 organizations, including 98% of the Fortune 500. Postman is helping developers and professionals across the globe build the API‑first world by simplifying each step of the API lifecycle and streamlining collaboration—enabling users to create better APIs, faster.

The company is headquartered in San Francisco and has offices in Boston, New York, Austin, Tokyo, London, and Bangalore. Postman is privately held, with funding from Battery Ventures, BOND, Coatue, CRV, Insight Partners, and Nexus Venture Partners. Learn more at  or connect with Postman on X via @getpostman.

The Information Security organization at Postman operates across three pillars: Governance Risk & Compliance (GRC), Product Security, and Security Operations. We are a team of builders, not checkbox‑checkers. We hold active SOC 2 Type II, ISO 27001, ISO 42001, and HIPAA compliance postures, and we are pursuing FedRAMP High and CMMC Level 2 authorization. Our security stack includes Wiz, SentinelOne, Okta, Jamf, and 1Password, and we operate across a multi‑cloud environment.

The Offensive Security team is the "red" pulse of this organization. We don't just find bugs — we simulate the adversary to ensure our defenses hold up under real‑world pressure. We focus on continuous security validation, AI‑augmented adversary emulation, and offensive AI security research at Postman’s scale.

The Opportunity

We are looking for a Senior Manager, Offensive Security who is as much a strategist as they are a hacker. You will own the strategic direction of Postman’s offensive security program — including building a dedicated Offensive AI Security capability from the ground up — and operate as a key partner to CISO leadership on threat‑informed defense strategy.

This is not a role where you inherit a mature program and keep the lights on. You will shape what offensive security looks like at Postman for the next three years, with a specific mandate to make us an industry leader in adversarial testing of AI systems, agentic workflows, and LLM integrations.

You will lead a team that doesn’t just "report" vulnerabilities but "demonstrates" them, using live exploits to build a deep, visceral security culture across the entire engineering organization.

What You’ll Do
  • Set Strategic Direction:
    Define and execute the multi‑year offensive security roadmap, aligning Red Team, Purple Team, and continuous validation capabilities to Postman’s evolving threat landscape and business priorities.
  • Build the Offensive AI Security Practice:
    Stand up and scale a dedicated offensive capability targeting AI/ML systems, including adversarial testing of LLM integrations, agentic workflows (MCP, tool‑use chains), RAG pipelines, and model‑serving infrastructure. Define the methodology, tooling, and engagement frameworks from the ground up.
  • Develop AI Threat Intelligence:
    Track and operationalize the rapidly evolving AI threat landscape — OWASP LLM Top 10, MITRE ATLAS, emerging attack research on agentic systems — translating external research into internal red team playbooks and detection hypotheses for Security Operations.
  • Red Team AI Systems at Depth:
    Go beyond checkbox assessments. Lead structured adversarial campaigns against Postman’s LLM deployments, AI agents, and model pipelines — targeting prompt injection, tool‑use abuse, data exfiltration via context manipulation, training data poisoning, model manipulation, and trust boundary violations in multi‑agent architectures.
  • Architect Autonomous Testing:
    Design and deploy AI‑based penetration testing platforms and autonomous agents to perform continuous security validation across our API ecosystem.
  • Continuous Validation:
    Move from manual pentesting to Continuous Offensive Security, integrating automated breach and attack simulation (BAS) into CI/CD pipelines, including AI model deployment pipelines.
  • Lead & Cultivate:
    Build, manage, and scale a high‑performing team of offensive security engineers — including specialized AI red team operators — providing mentorship, career development, and succession planning.
  • Recruit for the…
Position Requirements
10+ Years work experience