Manager, Offensive Security

Job Description

If you

- are excited to work in an international, fast-paced, multi-faceted media company.
- are comfortable ensuring timely escalation, responsiveness and follow through to meet deadlines.
- are knowledgeable of, and understand, the risk-based business impact approach to cybersecurity.
- are actively questioning and influencing actions needed to attain goals and targets.
- are comfortable driving strategic initiatives forward.
- Then help us create the future with one of the worlds largest media & entertainment companies.
- Deliver high quality security assessment reports to stakeholders and drive change to improve the security posture of the organization.
- Advancing strategic initiatives by influencing leadership, key stakeholders, and partnering with teams throughout WBD.
- Influence team strategy, direction, and priorities.
- Leading effective teamwork, communication, collaboration and commitment across multiple disparate groups with competing priorities
- Create detailed security assessment plans for penetration team engineers to execute.
- Assess current team capabilities and create a roadmap for future state capabilities that in line with the industry leaders in Security assessments.
- Execute and Lead penetration testing engagements against a variety of web applications/services and software.
- Develop and execute attack strategies to simulate real-world attacks by threat actors.
- Ability to identify and exploit vulnerabilities in computer systems, networks,and applications to simulate attacks by threat actors.
- Analyze and report on the results of security assessments and make recommendations to improve the security posture of the organization.
- Advise management about noncompliance with defined standards in applications tested.
- Partner with developers to drive improvement in application security as a result of security assessment engagements.
- Provide clear communication on the issue to developers and verify the efficacy of the fix .
- Provide actionable remediation feedback for findings and/or long-term risk mitigation guidance.
- Provide guidance and recommendations to other teams to improve the security of products.
- Demonstrate deep understanding of computer networks, operating systems, databases, web applications, and mobile applications.
- Experience with Secure software development lifecycle, distributed systems and security protocols.
- Create custom tools and scripts to automate testing and make the process more efficient.
- Support and maintain tools used for penetration testing and security assessments.
- Develop and mentor other security engineers.
- Must be based in the WBDs office, minimum three days/week.

Qualifications & Experiences

- A Bachelor's degree in Computer Science , Cybersecurity, or other related fields, from an accredited university or an equivalent professional experience may suffice in lieu of a Bachelors degree.
- Minimum of 7 or more years of professional experience with 3 or more years of management experience with security engineering practices such as in web application security, network security, authN / authZ protocols, cryptography, automation, and other software security.
- Minimum of 5 years of experience in penetration testing, code review, bug bounty hunting, or red teaming/capture the flag experience.
- Experience in scripting in Python or other languages to build automation tools.
- Team player with strong communication skills.
- Experience briefing senior leaders.

---