Cybersecurity Senior Advisor – Offensive Security & Exposure Management

About The Position

Requirements

• Requires BS/BA in information Technology or related field of study and a minimum of 8 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; requires broad-based experience to plan and design highly complex systems; or any combination of education and experience, which would provide an equivalent background.
• Must be capable of providing top-tier support for 5 or more of the information security technology common body of knowledge skill sets: Access Control, Application Security, Business Continuity and Disaster Recovery Planning, Cryptography, Information Security and Risk Management, Legal Regulations, Compliance and Investigations, Operations Security, Physical (Environmental) Security, Security Architecture and Design, Telecommunications and Network Security

Nice To Haves

• 7+ years in cybersecurity (offensive security, application security/vulnerability management and exposure management).
• Experience with continuous penetration testing programs.
• Cloud experience (AWS, Azure, GCP).
• Familiarity with SIEM, EDR, MITRE ATT&CK, and OWASP.
• Experience owning security tools and leading cross-functional initiatives.
• Strong knowledge of enterprise architecture, vulnerabilities, weaknesses, and identity systems.
• Ability to assess and communicate risk effectively.
• Security Certifications: CISSP and other advanced technical security certifications (e.g. OSCP, CEH) preferred.

Responsibilities

• Own and evolve automated penetration testing tools and processes.
• Lead development and execution of risk assessment methodologies to fit business, regulatory, and technical environment considerations.
• Define testing strategy, scope, and coverage aligned to business risk.
• Lead analysis of attack paths and systemic vulnerabilities.
• Establish risk-based prioritization and remediation standards.
• Serve as technical lead and escalation point; mentor team members and provide technical guidance.
• Develop security incident response plans and strategies.
• Drive cross-functional remediation and remove blockers.
• Develop and report KPIs on risk reduction and control effectiveness.
• Integrate with security ecosystem (SIEM, EDR, vulnerability tools).
• Partner with architecture and engineering teams to influence secure design.
• Develop reports supporting strategy and direction for management.

Benefits

• comprehensive benefits package
• incentive and recognition programs
• equity stock purchase
• 401k contribution
• merit increases
• paid holidays
• Paid Time Off
• incentive bonus programs
• medical, dental, vision, short and long term disability benefits
• 401(k) +match
• stock purchase plan
• life insurance
• wellness programs
• financial education resources