Offensive Cyber Operations Red Team Lead (Penetration Testing)

May 14, 2026

Job Description

Company: Mindlance

Location: Jersey City, US

Offensive Cyber Security Operations Team Lead

Reporting to the Director of the Offensive Cyber Operations team, you are responsible for executing the strategic direction, vision, and operational accountability for team members performing penetration testing and red team engagements. You ensure that all testing efforts are aligned to documented requirements, minimizing organizational risk while maintaining a high-quality, resilient assessment program. This role combines deep hands-on technical expertise with leadership responsibilities, including planning and executing adversary-emulation exercises, mentoring team members, coordinating with defensive partners, and delivering executive-level reporting.

As a central leader within the Offensive Cyber Operations (OCO) program, you will administer and coordinate end-to-end assessments and exercises, assess and define procedures and tools, and guide the deployment of assessment methodologies and reporting practices. You serve as the company’s Subject Matter Expert (SME) on penetration testing and red teaming, applying best practices and awareness of vendor/tool risk trends. You ensure Red Team activities effectively assess organizational detection, response, and resilience capabilities while adhering to legal, ethical, and operational standards.

- Lead and execute full-scope Red Team engagements and adversary-emulation campaigns across network, identity, cloud, and human attack surfaces.
- Plan and manage Red Team operations, including scope definition, objectives, rules of engagement, operational constraints, and deconfliction.
- Design and execute campaign-style attack chains using adversary tactics, techniques, and procedures (TTPs), including assumed-breach and stealth intrusion scenarios.
- Perform and oversee advanced exploitation of enterprise networks, systems, Windows/Active Directory, identity systems, and cloud services.
- Evaluate and assess preventive and detective controls (e.g., EDR, SIEM, IAM, NAC) by analyzing telemetry and validating alerting/response workflows.
- Collaborate with Detection, Response, and Purple Team partners during live-fire and validation exercises.
- Identify systemic control gaps and end-to-end attack paths (not just isolated vulnerabilities) and translate business drivers into technical recommendations.
- Administer, coordinate, and implement vendor and OCO testing processes, ensuring adherence to procedures, policies, and regulatory frameworks.
- Guide cyber security decisions related to network design, cloud adoption, threat modeling, and new technology integration; evolve processes, automation, and monitoring using data analytics.
- Oversee evidence collection, attack-chain documentation, and artifact management; produce clear, executive-ready reports that communicate risk and recommendations to technical and non-technical stakeholders.
- Mentor, coach, and develop Red Team operators in tooling, tradecraft, and operational discipline; contribute to labs, tools, and training programs.
- Maintain relationships with partners across IT, business units, BISOs, ERMs, and other teams to ensure alignment and effective coordination; partner with leadership to shape Red Team strategy, maturity, and capability development.
- Monitor industry trends, business developments, and emerging threat actor techniques to continuously mature the OCO program and methodologies.
- Manage risk through procedural adherence, rapid issue resolution, and proper escalation and documentation of findings.

To succeed in this role, you should:

- Have at least seven (7) years of professional-level experience in offensive security, including one or more technical disciplines such as Penetration Testing, Red Teaming, Networking, Firewalls, Server Administration, Encryption, Cloud, Containers, Databases, or Software Development.
- Have at least two (2) years of experience as a penetration tester/red team tester, and proven experience leading complex security testing or adversary-emulation exercises.
- Possess hands-on, expert-level technical proficiency in at least one critical skill area, supported by relevant certifications.
- Hold (or be working toward) multiple professional or associate-level certifications relevant to the role; preferred offensive certifications include OSCP, OSEP, CRTO, GXPN (or equivalent).
- Demonstrate strong hands-on expertise in enterprise networks, Windows, Active Directory, and identity-based attacks.
- Demonstrate advanced understanding of adversarial tactics, techniques, and procedures (TTPs).
- Have a strong understanding of enterprise security controls, detection technologies, and incident response workflows; be able to validate and communicate technical risk clearly at the executive and business level.
- Preferred: experience with cloud and container security (e.g., AWS, Azure, Kubernetes) and background collaborating in Purple Team operations.
- Be proficient with multiple open-source and commercial security tools (e.g., Nessus, Burp Suite, Metasploit, Nmap) and understand the strengths, weaknesses, configuration requirements, and troubleshooting needs of common security tooling.
- Have strong proficiency working with both UNIX-based and Microsoft operating systems, with deep systems engineering experience in at least one of them.
- Understand security guidelines such as NIST 800-53 and NIST 800-115.
- Demonstrate the ability to clearly articulate technical findings to both technical and non-technical audiences.
- Have a strong understanding of IT network architecture and cyber security fundamentals, enabling effective guidance for product enhancements and new designs.
- Be able to engage across a wide range of technologies and stay informed about evolving trends to support aggressive testing schedules.

EEO: “Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of – Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”

Source: Lensa