Manager, Assessment, Research and Emergent Technologies

About The Position

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field; Master's degree preferred.
• 8+ years of experience in cybersecurity.
• Deep expertise in at least three of the following domains: cyber threat intelligence, AI/ML security, product security, penetration testing/red teaming, or security tool development.
• Strong understanding of threat actor tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK.
• Experience with security assessment methodologies including threat modeling, penetration testing, and vulnerability research.
• Knowledge of AI/ML security risks, vulnerabilities, and mitigation strategies.
• Understanding of secure software development lifecycle (SSDLC) and product security best practices.
• Excellent written and verbal communication skills with ability to present complex technical topics to executive audiences.
• Experience with security tool development, automation, and scripting (Python, PowerShell, or similar).
• Strong project management skills with ability to manage multiple concurrent initiatives.

Nice To Haves

• Demonstrated experience building and leading high-performing technical security teams.
• Advanced certifications such as CISSP, CISM, GIAC (GCTI, GPEN, GXPN, GREM), OSCP, OSCE, or equivalent.
• Experience with threat intelligence platforms (TIPs) such as MISP, ThreatConnect, or Anomali.
• Familiarity with AI/ML frameworks, model development, and AI security testing tools.
• Experience with bug bounty programs or coordinated vulnerability disclosure processes.
• Knowledge of security orchestration, automation, and response (SOAR) platforms.
• Experience in highly regulated industries (healthcare, finance, retail).
• Published security research, conference presentations, or contributions to open-source security projects.
• Understanding of supply chain security, software composition analysis, and third-party risk management.

Responsibilities

• Manage the daily activities of the ARET team, including Cyber Threat Intelligence Analysts, AI Security Engineers, Product Security Engineers, Adversarial Emulation/Defense Engineers, and Security Tool Developers.
• Provide guidance and mentorship to team members, fostering professional development and technical excellence.
• Define and track performance metrics and KPIs to measure program effectiveness and drive continuous improvement.
• Develop and maintain a culture of innovation, continuous learning, and proactive security research.
• Coordinate cross-functional collaboration with other security teams (AppSec, SOC, Infrastructure, GRC) to integrate ARET insights into operational security practices.
• Manage team budgets, resource allocation, and vendor relationships for ARET services and tools.
• Develop and administer training and qualification certification for ARET functional roles.
• Provide effective communications about research findings, threat intelligence, and security concerns to stakeholders across the organization.
• Develop and execute strategic roadmaps for cyber threat intelligence, AI security, product security, adversarial emulation, and security tool development programs aligned with organizational risk tolerance and business objectives.
• Identify and assess emerging threats, attack techniques, and security technologies that may impact Inmar's security posture.
• Establish and maintain the organization's AI security program, ensuring responsible AI development practices and protection against AI-specific threats, such as prompt injection, model poisoning, and adversarial attacks.
• Define and mature the product security program, establishing secure development lifecycle practices, third-party component risk management, and product vulnerability disclosure processes.
• Champion offensive security capabilities through adversarial emulation and penetration testing programs that validate security controls and identify gaps before adversaries can exploit them.
• Drive automation and efficiency through strategic security tool development initiatives that enhance security operations and reduce manual effort.
• Engage with industry peers, threat intelligence sharing communities (ISACs/ISAOs), and research organizations to stay current with emerging threats and defensive techniques.
• Provide strategic input to executive leadership on emerging threats, security trends, and recommended investments in security capabilities.
• Oversee the development and management of the third party product security review process.
• Oversee the development and maintenance of cyber threat intelligence collection, analysis, and dissemination capabilities.
• Ensure threat intelligence feeds, indicators of compromise (IOCs), and threat actor profiles are integrated into security monitoring and detection systems.
• Provide technical oversight for AI/ML security assessments, including model security testing, data privacy validation, and AI risk assessments.
• Review and approve product security assessments, threat models, and secure design recommendations for internal products and third-party solutions.
• Ensure adversarial emulation and penetration testing activities follow industry best practices (MITRE ATT&CK, PTES) and provide actionable remediation guidance.
• Oversee the development of security automation tools, scripts, and integrations that enhance security operations efficiency.
• Stay current with vulnerability research, exploit techniques, and defensive technologies relevant to Inmar's technology stack.
• Maintain awareness of applicable regulations and compliance requirements affecting threat intelligence, AI security, and product security (e.g., GDPR, CPRA, AI Act, executive orders on AI).
• Coordinate incident response support from ARET team members during security incidents, providing threat intelligence, forensic analysis, and remediation guidance.
• Manage vulnerability disclosure processes for Inmar products, including coordinated disclosure with external researchers where relevant.
• Ensure timely delivery of threat intelligence reports, product security assessments, penetration test reports, and research findings to stakeholders.
• Track and report on ARET program metrics including threat intelligence coverage, AI security assessments completed, product security reviews, penetration tests conducted, and automation tools deployed.
• Maintain documentation of ARET processes, methodologies, and standard operating procedures.
• Ensure secure handling of sensitive threat intelligence, vulnerability data, and penetration test results.

Benefits

• Medical, Dental, and Vision insurance
• Basic and Supplemental Life Insurance options
• 401(k) retirement plans with company match
• Health Spending Accounts (HSA/FSA)
• Flexible time off and 11 paid holidays
• Family-building benefits, including Maternity, Adoption, and Parental Leave
• Tuition Reimbursement and certification support, reflecting our commitment to lifelong learning
• Wellness and Mental Health counseling services
• Concierge and work/life support resources
• Adoption Assistance Reimbursement
• Perks and discount programs