george-bernard-consulting~1mo ago
Lead Offensive Security Engineers
OtherEngineers
2 views0 saves0 applied
Quick Summary
Overview
Lead and manage offensive security activities including vulnerability assessments, penetration testing, and red team exercises. Plan, coordinate, and execute security assessments for networks,
Technical Tools
OtherEngineers
- Lead and manage offensive security activities including vulnerability assessments, penetration testing, and red team exercises.
- Plan, coordinate, and execute security assessments for networks, applications,
APIs, cloud platforms, endpoints, and infrastructure. - Conduct adversarial simulations to validate the effectiveness of security controls,
SOC monitoring, and incident response capabilities. - Identify, validate, prioritize, and report security vulnerabilities with clear remediation recommendations.
- Perform advanced penetration testing including web, mobile, API, Active Directory, cloud, wireless, and container/Kubernetes environments.
- Develop and maintain automated security assessment and validation capabilities
integrated with CI/CD and DevSecOps processes. - Execute phishing simulations, privilege escalation testing, lateral movement
testing, and threat emulation exercises aligned with real-world attack techniques. - Utilize and manage offensive security tools, frameworks, and platforms for
continuous security validation and attack surface assessment. - Map security testing activities to frameworks such as MITRE ATT&CK, NIST, PCI
DSS, ISO 27001, SWIFT CSP, and regulatory TRM requirements. - Collaborate with SOC, infrastructure, application, cloud, and DevOps teams to
improve detection, response, and remediation capabilities. - Prepare technical and executive-level assessment reports for management, audit, and regulatory stakeholders.
- Validate remediation effectiveness through re-testing and continuous monitoring
activities. - Develop offensive security methodologies, standards, procedures, and testing
playbooks. - Stay updated on emerging cyber threats, attack techniques, vulnerabilities, and
security technologies.
Requirements
~1 min read- Minimum 3+ years of experience in cybersecurity, including at least 1+ year in
technical leadership or senior engineering role. - Bachelor's degree in Information Security, Computer Science, Engineering, or a related discipline from a recognized university.
- Industry-recognized certifications such as CISSP, CISM, OSCP, CEH, or equivalent qualifications (preferred).
- Proven expertise in penetration testing, red team operations, and adversary emulation, covering enterprise environments (networks, applications, APIs, cloud, and Active Directory).
- Strong hands-on experience in security architecture assessment, vulnerability analysis, risk prioritization, and exploitation techniques.
- Experience with enterprise security technologies and detection controls, including SIEM, EDR/XDR, IDS/IPS, Firewalls, WAF, SOAR, and threat detection platforms.
- Strong knowledge of DevSecOps practices, secure software development lifecycle (SSDLC), and application security testing tools and methodologies (SAST, DAST, SCA, and API security testing).
- Strong understanding of MITRE ATT&CK framework, attack lifecycle modeling, and threat-informed security validation approaches.
- Proficiency in scripting and automation using Python, PowerShell, Bash, or similar languages for offensive security tooling and security process automation.
- Good understanding of zero-trust architecture, micro-segmentation, and software-defined security controls.
- Strong leadership and stakeholder management abilities
- Excellent analytical and problem-solving skills
- Ability to work under pressure and manage security incidents effectively
Location & Eligibility
Where is the job
Colombo, Sri Lanka
On-site at the office
Who can apply
LK
Listing Details
- First seen
- June 5, 2026
- Last seen
- July 14, 2026
Posting Health
- Days active
- 27
- Repost count
- 0
- Trust Level
- 14%
- Scored at
- July 3, 2026
Signal breakdown
freshnesssource trustcontent trustemployer trust
External application · ~5 min on george-bernard-consulting's site
Please let george-bernard-consulting know you found this job on Jobera.
4 other jobs at george-bernard-consulting
View all →Explore open roles at george-bernard-consulting.
Similar Engineers jobs
View all →AI Engineers
AI Engineer
$65k–$100k/yr
Remote
Epic Bridges Analyst / Interoperability Engineers
Remote
Elevate - Future Engineers Programme
Product Engineers -Cloud (Multiple Levels) Hybrid
Test Engineers Level II and III
Browse Similar Jobs
Manager7kTeam Member6.3kAssistant Manager5.6kEngineer4.3kDirector3.4kAssistant3.4kAssociate3.4kTechnician3.3kConsultant3.1kCoordinator2.7kData Collector2.4kSupervisor2.4kPart Time2.1kFitness & Wellness2.1kTeam Leader2kRestaurant General Manager2kAnalyst1.9kOperator1.5kLead1.5kAssistant General Manager1.5k
Newsletter
Stay ahead of the market
Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.
A
B
C
D
No spam. Unsubscribe at any time.