Lead Security Consultant - Offensive Security
Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the in speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients’ cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States, Canada, the United Kingdom, and India.
About the Role:
We are seeking a highly skilled and experienced Lead Security Consultant specializing in penetration testing to join our cybersecurity consulting team. In this role, you will lead complex security assessments, manage client relationships, and provide technical leadership and mentorship to junior consultants. You will work across various industries to help clients identify and mitigate security vulnerabilities in their networks, applications, and systems.
Responsibilities:
Lead and execute advanced penetration tests across internal/external networks, web/mobile apps, APIs, cloud, and wireless environments
Perform vulnerability assessments and exploit development to assess system and application security
Design and conduct red and purple team exercises simulating real-world adversary tactics (TTPs)
Develop assessment plans and tailor testing methodologies to client environments
Create detailed, high-quality reports and present findings to technical and executive audiences
Serve as client-facing lead throughout the engagement lifecycle (scoping to post-delivery support)
Mentor junior consultants and support development of internal tools and methodologies
Research emerging threats, attack techniques, and offensive security tools
Support presales efforts including scoping, proposals, and client presentations
Conduct threat analysis and provide mitigation guidance based on trends and attack patterns
Correlate and analyse threat data to identify indicators of compromise and attacker behaviour
Produce threat intelligence summaries and track evolving trends across industries
Collaborate on cross-functional research projects under tight deadlines
Develop tools, scripts, and automated processes to enhance testing and reporting workflows
Requirements:
5+ years of hands-on experience in penetration testing and offensive security in of the following areas:
Executing network, wireless, web application, and API penetration tests
Experience with Active directory (AD) and Kerberos
Experience conducting vulnerability management and assessments
Experience conducting social engineering assessments
Experience conducting Purple Team and Red Team exercises
Deep understanding of network protocols, operating systems, web technologies, and application security concepts
Strong experience with industry-standard tools (e.g., Burp Suite, Cobalt Strike, Metasploit, Nmap, Nessus, etc.)
Demonstrated experience conducting Red Team operations or simulated adversary engagements
Proficiency in scripting or coding (Python, Bash, PowerShell, etc.)
Relevant certifications such as OSCP, OSCE, GPEN, GWAPT, or equivalent
Excellent communication skills, both written and verbal
Ability to lead teams and manage client expectations in high-pressure environments
Source code review for control flow and security flaws
General knowledge of the MITRE ATT&CK Framework
Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
About the job
Apply for this position
Lead Security Consultant - Offensive Security
Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the in speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients’ cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States, Canada, the United Kingdom, and India.
About the Role:
We are seeking a highly skilled and experienced Lead Security Consultant specializing in penetration testing to join our cybersecurity consulting team. In this role, you will lead complex security assessments, manage client relationships, and provide technical leadership and mentorship to junior consultants. You will work across various industries to help clients identify and mitigate security vulnerabilities in their networks, applications, and systems.
Responsibilities:
Lead and execute advanced penetration tests across internal/external networks, web/mobile apps, APIs, cloud, and wireless environments
Perform vulnerability assessments and exploit development to assess system and application security
Design and conduct red and purple team exercises simulating real-world adversary tactics (TTPs)
Develop assessment plans and tailor testing methodologies to client environments
Create detailed, high-quality reports and present findings to technical and executive audiences
Serve as client-facing lead throughout the engagement lifecycle (scoping to post-delivery support)
Mentor junior consultants and support development of internal tools and methodologies
Research emerging threats, attack techniques, and offensive security tools
Support presales efforts including scoping, proposals, and client presentations
Conduct threat analysis and provide mitigation guidance based on trends and attack patterns
Correlate and analyse threat data to identify indicators of compromise and attacker behaviour
Produce threat intelligence summaries and track evolving trends across industries
Collaborate on cross-functional research projects under tight deadlines
Develop tools, scripts, and automated processes to enhance testing and reporting workflows
Requirements:
5+ years of hands-on experience in penetration testing and offensive security in of the following areas:
Executing network, wireless, web application, and API penetration tests
Experience with Active directory (AD) and Kerberos
Experience conducting vulnerability management and assessments
Experience conducting social engineering assessments
Experience conducting Purple Team and Red Team exercises
Deep understanding of network protocols, operating systems, web technologies, and application security concepts
Strong experience with industry-standard tools (e.g., Burp Suite, Cobalt Strike, Metasploit, Nmap, Nessus, etc.)
Demonstrated experience conducting Red Team operations or simulated adversary engagements
Proficiency in scripting or coding (Python, Bash, PowerShell, etc.)
Relevant certifications such as OSCP, OSCE, GPEN, GWAPT, or equivalent
Excellent communication skills, both written and verbal
Ability to lead teams and manage client expectations in high-pressure environments
Source code review for control flow and security flaws
General knowledge of the MITRE ATT&CK Framework
Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.