Assessments & Exercises Vice President - Offensive Security
On-site · Plano, Texas, United States
Job Summary
Assessments & Exercises Vice President in the Cyber and Tech Controls line leads offensive security testing initiatives, designing and executing risk-driven assessments and simulations (including penetration testing and adversary emulation), guiding a highly skilled team, and informing risk-based security strategy. Responsible for evaluating controls for effectiveness, collaborating with cross-functional teams to produce comprehensive assessment reports with findings, risk assessments, and remediation recommendations, and applying threat intelligence to enhance assessment strategies and regulatory compliance. The role requires leadership in developing methodologies, tools, and frameworks aligned with the firm’s strategy, plus strong communication to explain complex technical concepts to both technical and non-technical stakeholders.
Required Qualifications
- 5+ years of experience in cybersecurity with demonstrated expertise in offensive security testing, assessments, or simulation exercises
- Knowledge of US financial services sector cybersecurity practices, operations risk management, regulations, threats, and incident response methodologies
- Proficiency in multiple security assessment methodologies (e.g., OWASP Top Ten, NIST CSF) and offensive security testing tools
- Excellent written and verbal communication, collaboration, and ability to present complex technical findings to diverse audiences
- Strong understanding of operating systems (Windows, Linux, Unix, Mac), vulnerabilities, exploitation techniques, and security tooling (e.g., reconnaissance, scanning, exploitation, post-exploitation)
- Experience with manual penetration testing across web, mobile, and internal/external infrastructures
- Experience with threat intelligence usage and applying insights to assessment strategy and risk management
- Experience with logging/monitoring tools and centralized log platforms (e.g., Splunk, Elastic)
- Preferred certifications (CISSP, CISM, OSCP/OSEP/OSED/OSEE, CREST, SANS GPEN/GXPN)
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.