Head of Offensive Security

Head of Offsec

Sekuro is a trusted provider of information security consulting services. We are currently recruiting a smart, experienced and motivated security professional to join manage our Technical Assurance OFFSEC team and engagements in Asia. The role involves working with mid-market to enterprise level clients. The successful candidate will have a lot of latitude to make decisions and drive improvements with the support of the Senior Leadership Team. The role involves an interesting mix of:

• Leading a team to ensure Sekuro's objectives are achieved, in a positive work environment,

• Capitalising on your subject matter expertise to enable your peers, subordinates and Sekuro's customers succeed,

• Supporting the RED team, and wider Sekuro team, deliver industry leading advisory and consulting services to customers around asia,

• Exceeding customers expectations through a collaborative, quality focused mindset.

About the role

The role is suited for professionals with experience in manual penetration testing and a passion for all things security. We are seeking individuals that have experience in managing projects and people, ideally in a consulting capacity.

In addition to offering great career growth opportunities, the position offers benefits such as training and certification opportunities, hybrid working arrangements, a good working culture, and the opportunity to become a well-rounded manager whilst working with a team of like-minded, friendly professionals.

Whilst the life of a consultant is varied and we'd never set these in stone, the composition of the role should be expected to be:

• 10% Direct delivery of work.
• 20% Engagement Management (Inc. Quality Assurance).
• 35% Mentoring peers and junior team members.
• 35% Sales support and leading internal improvement activities.

The responsibilities include:

• Team Leadership: Provide strong leadership and guidance to an assigned team, promote a positive work environment and a culture of high performance. Track goals for success and provide regular feedback. Support the professional development of team members. Encourage collaboration and cross-functional cooperation to achieve business objectives.

• Operational Oversight: Oversee the day-to-day aspects of the line of business operations, supporting senior leadership sales, marketing, scheduling, delivery, and customer escalations and service. Ensure processes are followed to meet customer expectations, optimise resource allocation, and maintain high-quality standards.

• Subject matter expert: Maintain a high level of expert understanding and knowledge in the agreed area(s) of specialisation. Complete independent and supported study to enable you to be seen as a domain leader within the broader industry. Utilise your understanding to support the delivery of existing opportunities and enable the growth of your line of business.

• Relationship Management: Build and maintain strong relationships with key stakeholders, including clients, partners, suppliers, and industry influencers. Act as the primary point of contact for client engagements (as assigned).

• Sales Support: Provide on-going sales support to scope engagements, guide proposal development – be accountable for the technical accuracy of proposal content, assist marketing and leading internal improvement activities.

• Strategic Planning: Co-own part of the comprehensive strategic plan for the line of business, assisting senior leadership to achieve the overall company objectives. Understand market trends, competitor activities, and customer demands to recommend opportunities for growth and differentiation. Recommend strategies to enhance market share and drive sustainable business growth.

A suitable candidate would have some or most of the following attributes:

• Minimum of 4 years of demonstrable experience in applied, web application, mobile and infrastructure penetration testing, including manual testing.
• 6-10 years of experience in other relevant ICT and/or security domains.
• Experience with common development languages.
• Experience with common vulnerability detection tools.
• Experience in writing professional reports to communicate complex problems and present recommendations for change.
• Excellent oral communication and presentation skills.
• Comfortable dressing to make a professional impression whenever they represent Sekuro.
• Previous experience managing short engagements and longer projects.
• Able to confidently engage with both technical business and technology stakeholders.
• Holds contemporary penetration testing certifications.

Additionally, candidates with competency in the following are highly desirable:

• Awareness of OFFSEC frameworks/methodologies/certifications which may be relevant to technical engagements like OWASP, NIST, CORIE, CREST, Offensive Security, SANS etc.
• Awareness of the breadth in security, and project management, around frameworks/methodologies/certifications such as PMP, NIST CSF, CISM, CISSP.
• Has held Security Clearance in the past.