The Role

Strategic and technically adept cybersecurityprofessional with deep expertisein VulnerabilityManagement,OffensiveSecurity, and advanced threat detection. AsLeadof Cyber ThreatEngineering,this individual willberesponsible fordriving proactive defense initiatives that identifyand mitigate risks before they can be exploited. Experienced in leading red and purple team operations, orchestrating vulnerability assessments, and integrating threat intelligence to inform remediation and hardening strategies. Skilled in aligning offensive security insights with enterprise risk managementand Incident Response Strategies, improving security posture through automation, and fostering a culture of continuous testing and improvement. Recognized for building high-performing teams that bridge the gap between adversary emulation and defensive readiness to ensure comprehensive protection across digital assets.

We are looking for candidates who have a passion for cyber security, threat detection, risk mitigation, and automation. You will provide insight in our efforts to build and support a defensible environment where we are able to detect, contain and respond quickly to threats, vulnerabilities and compromise in ways that serve to enable the technology needs of a highly collaborative organization. The environment is fast-paced and commonly on the leading edge of technology, including early adoption of various cloud services along with the challenges of integrating those services into our security practice. 

Responsibilities 

• Support leadership with enterprise-wide vulnerability identification, assessment, and remediation programs across infrastructure, cloud, and applications. 

• Provide continuous visibility to new and emerging threats against existing security controls; ensuring controls remain effective to changing business and threat landscapes. 

• Work across the Tech department to enhance security posture capabilities to limit security misconfigurations through secure configuration standards, monitoring, and remediation. 

• Integrate automated scanning and vulnerability intelligence into CI/CD and asset management systems. 

• Translate offensive findings into actionable security improvements and detection of engineering use cases. 

• Collaborate with defensive teams to validate security controls and improve resilience through continuous testing. 

• Support the Offensive Security Lifecycle via management of internal and external Cyber Threat and Offensive Security assessments. 

• Partner closely with Incident Response teams to enhance detection of logic, playbooks, and threat-hunting capabilities. 

Required Capabilities 

• A minimum of 6 years’ experience delivering information security solutions, ideally with A mixed focus on offensive and defensive security roles.  

• bachelor’sor master’s degree in a relevant field of work

• Hands on experience inCyber Threat and Offensive Securityoperationsto test and validatethe effective operation of security controls,measuring the ability to stop threats and attacks at the earliest point in the kill chain

• Proventrack recordworking as both an individual contributor and leadin the areas of CyberThreat,VulnerabilityManagement, or Incident Response

• Strong understanding of the fundamental operations of servers, operating systems, networks,cloudapplicationsand infrastructurealong with an advanced understanding of the key controls required for secure operation of these systems 

• experience scriptingin at least one of the following languages:  PowerShell, Python, JavaScript

• experiencein aligning threat and vulnerability management efforts to frameworksand control objectives- MITRE ATT&CK, NIST CSF, ISO27001, Center for Internet Security, OWASP, 

• Experience integrating thefollowing toolsand capabilitiesintoa successfulthreat and vulnerabilityprogram – Security OrchestrationAutomation and Response, Security Information and Event Management, Vulnerability Scanning,SecurityThreat Feeds,Red TeamTooling