Head of Cybersecurity Assurance Testing

About The Position

Requirements

• 5+ years in offensive security, ethical hacking, or application security leadership roles.
• Hands-on experience planning and conducting penetration tests, red team operations, application security testing, and purple team exercises.
• Experience managing technical teams and delivering results through others.
• Proficiency with industry-leading tools (Burp, ZAP, Cobalt Strike, etc.) and automation frameworks.
• Strong understanding of secure SDLC, threat modeling, adversarial simulation, and CI/CD security integration.
• Excellent communication and stakeholder management skills.
• Bachelor’s degree in cybersecurity or related field, or equivalent certifications (OSCP, OSWE, GWAPT, CISM, etc.).
• Demonstrated ability to drive urgent response, automate manual processes, and ensure closure of findings.

Nice To Haves

• Experience in financial services or large enterprise environments.
• Familiarity with automation frameworks and AI-driven security testing.
• Exposure to cloud security and containerized application testing.
• Experience leading global teams.

Responsibilities

• Develop and own the roadmap, backlog, and quarterly planning for Application Security, Red, and Purple Teaming.
• Lead red team missions, application security tests, and coordinate third-party adversarial exercises.
• Ensure team performance, resource planning, and program outcomes; deliver results directly and through others.
• Oversee project delivery and capability expansion.
• Plan, execute, and report on Purple Team (offense/defense) exercises.
• Partner with Cyber Defense to improve detection, response, and resilience.
• Deliver actionable readouts and lessons learned to all stakeholders.
• Align with Vulnerability and Threat specialists, stakeholders, and Peer teams for future red team planning.
• Manage, coach, and develop engineers; set goals, provide feedback, support growth, and aide with career development planning.
• Include diverse learning in plans from conferences to hands-on learning and capture-the flag exercises, to additional learning activities and certifications.
• Foster a high-performance, accountable, and innovative culture.
• Ensure optimal resource utilization and allocation.
• Partner with application owners, global teams, and security stakeholders to focus on high-risk areas and close findings.
• Translate findings to meaningful insights and recommend defense improvements.
• Influence offensive/application security testing standards and other policies and standards based on findings.
• Introduce new offensive/Application Security technologies, methodologies, and automation (including A.I.).
• Integrate security validation into CI/CD; promote automated testing.
• Encourage continuous improvement and experimentation.
• Define, track, and report KPIs for coverage, risk reduction, remediation, and automation.
• Deliver executive-ready reports translating technical findings to business risk.
• Publish KPIs and ensure timely remediation or risk acceptance of findings

Benefits

• At Guardian, you’ll have the support and flexibility to achieve your professional and personal goals.
• Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards.
• As part of Guardian’s Purpose – to inspire well-being – we are committed to offering contemporary, supportive, flexible, and inclusive benefits and resources to our colleagues.
• Explore our company benefits at www.guardianlife.com/careers/corporate/benefits.
• Benefits apply to full-time eligible employees.