Sr Advanced Cyber Security Architect/Engineer

About The Position

Requirements

• Highly skilled and experienced Sr Adv Cyber Security Architect
• Experience designing, executing, and leading end-to-end penetration tests
• Experience conducting penetration testing across SaaS and PaaS environments
• Experience performing AI and machine learning application security assessments
• Experience simulating real-world adversarial attack scenarios using threat intelligence and red team methodologies
• Experience conducting vulnerability assessments, threat modeling, and risk analysis
• Experience developing and maintaining custom exploits, scripts, and tooling
• Experience performing social engineering, phishing simulations, and physical security assessments
• Experience architecting and building penetration testing programs aligned with industry frameworks (OWASP, PTES, NIST, MITRE ATT&CK)
• Experience defining penetration testing standards, methodologies, playbooks, and reporting templates
• Experience establishing KPIs and metrics for penetration testing programs
• Experience serving as the primary point of contact for penetration testing engagements
• Experience collaborating with Engineering, DevSecOps, IT, Risk, and Compliance teams
• Experience managing relationships with third-party penetration testing vendors
• Experience presenting findings to executive leadership and technical stakeholders
• Experience leading, mentoring, and developing a team of penetration testers
• Experience conducting knowledge-sharing sessions, red team exercises, and skills development programs
• Experience defining career paths and growth frameworks for a penetration testing team
• Experience fostering a culture of continuous learning
• Experience recruiting and onboarding new team members

Responsibilities

• Design, execute, and lead end-to-end penetration tests across a wide range of environments, including web applications, APIs, cloud infrastructure, internal and external networks, and mobile applications.
• Conduct penetration testing across software-as-a-service and platform-as-a-service environments, identifying unique risks and attack surfaces specific to cloud hosted and multi-tenant platforms.
• Perform AI and machine learning application security assessments, including testing of large language model applications for vulnerabilities such as prompt injection, model inversion attacks, data poisoning, insecure output handling, and training data leakage.
• Simulate real-world adversarial attack scenarios using threat intelligence and red team methodologies.
• Conduct vulnerability assessments, threat modeling, and risk analysis across diverse technology stacks.
• Develop and maintain custom exploits, scripts, and tooling to support advanced testing scenarios.
• Perform social engineering, phishing simulations, and physical security assessments as required.
• Architect and build a comprehensive, scalable penetration testing program aligned with recognized industry frameworks, including OWASP, PTES, NIST, and MITRE ATT&CK.
• Define penetration testing standards, methodologies, playbooks, and reporting templates.
• Establish key performance indicators and metrics to measure the effectiveness and maturity of the penetration testing program.
• Serve as the primary point of contact for all internal and external penetration testing engagements.
• Collaborate with Engineering, DevSecOps, Information Technology, Risk, and Compliance teams to integrate security testing into the software development lifecycle and continuous integration and delivery pipelines.
• Manage relationships with third-party penetration testing vendors and coordinate external assessments.
• Present findings, risks, and remediation strategies to executive leadership and technical stakeholders.
• Lead, mentor, and develop a team of penetration testers at various skill levels.
• Conduct regular knowledge-sharing sessions, red team exercises, and skills development programs.
• Define career paths and growth frameworks for the penetration testing team.
• Foster a culture of continuous learning and maintain awareness of the evolving threat landscape.
• Recruit and onboard new team members as the program scales.