Manager Offensive Cybersecurity / Penetration Testing

Who We Are Robert Half, one of FORTUNE’s World’s Most Admired Companies and a Fortune 100 Best Companies to Work For is hiring a Manager of Offensive Cybersecurity / Penetration Testing to join the Enterprise Information Security team. This individual will lead and mature the organization’s offensive security capabilities within the Enterprise Information Security (EIS) team. This role is responsible for managing penetration testing activities across applications, infrastructure, networks, and cloud environments; identifying and validating security weaknesses; and driving improvements in testing processes, automation, and operational maturity. The ideal candidate combines deep hands-on technical expertise with strong leadership, communication, and program management skills.

What You'll Do

• Lead and oversee penetration testing engagements across enterprise applications, systems, networks, cloud platforms, and other in-scope environments.
• Define testing scope, methodology, and priorities based on business risk, threat intelligence, and organizational objectives.
• Validate vulnerabilities and attack paths through manual testing, proof-of-concept development, and adversary emulation techniques.
• Partner with engineering, infrastructure, and application teams to communicate findings, support remediation, and improve overall security posture.
• Lead, mentor, and develop team members to strengthen offensive security capabilities and technical depth.
• Establish and mature offensive security processes, methodologies, reporting standards, and quality controls.
• Develop metrics and reporting to communicate testing coverage, findings trends, remediation progress, and program effectiveness to leadership.
• Collaborate with cross-functional stakeholders to prioritize testing activities and support secure design and remediation efforts.
• Develop or adapt proof-of-concept exploits to validate vulnerabilities and assess potential business impact.
• Create repeatable assessment and reporting processes that support audit, compliance, and governance requirements.

What You'll Need

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience; advanced degree preferred.
• OSCP, OSEP, CRTP, CEH, CPT, CEPT, GPEN or other experienced industry standard penetration testing Certification(s) required.
• 7+ years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design, networking, administration, identity, or other responsibilities preferred.
• 5+ years’ experience in information security required.
• 3+ years’ experience performing penetration testing required.
• Work independently and troubleshoot technical and business process related issues.
• Develop subject matter expertise in the entire information security stack.
• Develop technical testing solutions for internal consumption.
• Ability to appropriately analyze and scope vulnerability disclosures, CVEs.
• Expertise in OWASP.
• Experience leading penetration testing programs or engagements in a large enterprise environment.
• Excellent understanding of threat vectors and containment methods
• Knowledge of Active Directory discovery, enumeration and exploit methods.
• Experience assessing cloud environments (AWS, Azure, GCP), including common misconfigurations, attack paths, and defensive controls.
• Excellent written and verbal communication skills, with the ability to present technical findings to both technical and non-technical audiences.

Nice to Have

• Experience with multiple and current Endpoint Detection and Response solutions
• Experience with Vulnerability Management concepts and best practices
• OS (Windows, Linux and Mac OS, mobile OS’s)
• Expertise in networking concepts, protocols and encryption
• Expertise in application security practices and tools
• Expertise in programming/scripting languages strongly preferred: Python, PowerShell, Bash, C/C++/C# etc.
• Expertise in Metasploit or similar tooling
• Expertise in penetration testing security tooling, such as Kali Linux
• Expertise in Burp Suite or similar tooling
• Purple team experience

The typical annual salary range for this position is shown below and is negotiable depending upon experience and location. The position is eligible for a discretionary annual bonus. $123,000.00 - $190,000.00