Sr. Manager, Information Security – Application Security & Red Team

Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. 

We are seeking an experienced and hands-on security leader to build, lead, and scale our Red Team and Application Security function. This role will be responsible for identifying security weaknesses through adversary emulation, penetration testing, attack simulations, and offensive security assessments across Netskope's products, cloud infrastructure, and enterprise environments.

As a key member of the Information Security organization, you will partner closely with Product Security, Engineering, Security Operations, and Infrastructure teams to proactively assess risk, validate security controls, and strengthen Netskope's overall security posture.

• →Lead and mentor a team of Red Team and application Security engineers.
• →Support Executive and Leadership Alignment of the application security and red teaming programs with Engineering and Platform teams. 
• →Define and execute the offensive security strategy, roadmap, and testing methodologies.
• →Conduct and oversee adversary emulation exercises, red team operations, penetration testing, and security assessments.
• →Evaluate the effectiveness of security controls through realistic attack simulations and threat-informed testing.
• →Partner with Security Operations and Detection Engineering teams to drive purple team exercises and improve detection and response capabilities.
• →Perform offensive security assessments across cloud environments, applications, APIs, containers, Kubernetes platforms, and enterprise infrastructure.
• →Research emerging threats, attacker techniques, and offensive security trends to continuously improve testing capabilities.
• →Provide risk-based recommendations and work closely with engineering teams to drive remediation efforts.
• →Communicate security findings, risks, and strategic recommendations to technical and executive stakeholders.
• →Build and scale offensive security programs, processes, and talent within the organization.

• 10+ years of experience in Offensive Security, Red Teaming, Penetration Testing, Security Research, or related cybersecurity disciplines.
• 3+ years of experience leading and developing high-performing security teams.
• Strong expertise in adversary emulation, red teaming, penetration testing, and threat-driven security assessments.
• Deep understanding of modern attack techniques, MITRE ATT&CK framework, and offensive security methodologies.
• Experience assessing cloud platforms (AWS, Azure, GCP), enterprise environments, and cloud-native technologies including containers and Kubernetes.
• Strong understanding of application security, network security, identity security, and detection engineering concepts.
• Excellent communication skills with the ability to influence and collaborate across technical and business teams.

• Experience in SaaS, cloud security, or cybersecurity product companies.
• Hands-on experience with purple teaming, threat hunting, exploit development, or security research.
• Industry certifications such as OSCP, OSEP, OSWE, GXPN, GPEN, CISSP, or equivalent.
• Contributions to the security community through research publications, conference speaking, open-source projects, CVEs, patents or bug bounty programs are a plus.

#LI-AB1