Sr. Manager, Offensive Security

At Early Warning, we've powered and protected the U.S. financial system for over thirty years with cutting-edge solutions like Zelle, Paze℠, and so much more. As a trusted name in payments, we partner with thousands of institutions to increase access to financial services and protect transactions for hundreds of millions of consumers and small businesses.

Positions located in Scottsdale, San Francisco, Chicago, or New York follow a hybrid work model to allow for a more collaborative working environment.

Candidates responding to this posting must independently possess the eligibility to work in the United States, for any employer, at the date of hire. This position is ineligible for employment Visa sponsorship.

Overall Purpose

The Senior Manager, Offensive Security position provides offensive security leadership for the Early Warning Offensive Security program. This includes conducting application and network penetration testing on all Early Warning product offerings to assess the product and infrastructure security posture. The position requires a high level of knowledge in the disciplines of offensive security, bug bounty program management, phishing, and password audit campaigns. The position reports to the Director, Offensive Security, and will work closely with product managers, security researchers, technology partners and security architects.

Essential Functions

• In depth knowledge of all aspects of offensive security.

• Implement security penetration testing directives as defined by the Director, Offensive Security, and in line with written security standards, and industry best practices.

• Responsible for the development, hiring and performance discussions management of the offensive security team.

• Responsible for the escalation and communication of penetration testing and bug bounty findings.

• Develop metrics to measure individual and team performance, as well as value provided to the organization.

• Assist with internal security investigations and emerging threat activities.

• Provides effective and positive leadership in developing highly engaged, high-performance teams that provide quality results.

• Researches, evaluates, and stays current on emerging security tools, trends, policies, best practices, techniques, and technologies.

• Communicate in an open and productive manner with all team members, leadership, and customers to collaboratively solve the needs of the business. Work with Security Architects and Engineers to gather information and conduct penetration tests.

• Maintain demonstrable knowledge of current vulnerability exploitation techniques.

• Interacts with customers, regulators, and auditors on a regular basis.

• Support the company's commitment to risk management and protecting the integrity and confidentiality of systems and data.

• The above job description is not intended to be an all-inclusive list of duties and standards of the position.

Minimum Qualifications

• Education typically obtained through security certifications or completion of a Bachelor's degree in Computer Science, Engineering, Math or equivalent work experience.

• Strong understanding of offensive and defensive security, including offensive evasion and defensive detection techniques.

• Strong understanding of enterprise and cloud networking and application technology.

• 4 years of general security penetration testing experience.

• 8 or more years of general IT or information security experience including at least 3 years of leadership, supervisory or mentorship experience.

• Demonstrated success or ability to retain highly engaged, high performing teams.

• Experience managing or supervising penetration testing efforts of other team members

• Working knowledge of communication network technologies.

• Advanced working understanding of penetration test assessment procedures and penetration test tools such as Kali Linux, proxies, and other industry standard tools.

• Expert knowledge of Open Web Application Security Project (OWASP) Top 10 Vulnerabilities and testing procedures.

• Advanced working understanding of information gathering techniques and processes.

• Advanced working understanding of web application technologies, programing languages, databases, Linux, Unix, Mac OSX, and Windows operating systems.

• Effective interpersonal skills.

• Experience in analyzing risk associated with security vulnerabilities required.

• Strong security assessment writing skills.

• Background and drug screen are required.

Preferred Qualifications

• 6 or more years of security experience within the financial sector.

• Hands-on practical Offensive Cybersecurity certifications (OSCP, OSWE, eJPT, Pentest+, eCPPT, eCPTX, eWPT, eWAPTX, GIAC, etc.) or equivalent.

• General information security management certifications (CISSP, CISM, CISA, etc.) or equivalent.

• Cloud certifications (SAA, SAP, AWS Security Specialty, etc.) or equivalent.

Physical Requirements

Working conditions consist of a normal office environment. Work is primarily sedentary and requires extensive use of a computer and involves sitting for periods of approximately four hours. Work may require occasional standing, walking, kneeling and reaching. Must be able to lift 10 pounds occasionally and/or negligible amount of force frequently. Requires visual acuity and dexterity to view, prepare, and manipulate documents and office equipment including personal computers. Requires the ability to communicate with internal and/or external customers.

Employee must be able to perform essential functions and physical requirements of position with or without reasonable accommodation.

Candidates responding to this posting must independently possess the eligibility to work in the United States at the date of hire.

The pay scale for this position in:

Phoenix, AZ/ Chicago, IL in USD per year is: $190,000 - $210,000.

New York, NY/ San Francisco, CA in USD per year is: $205,000 - $225,000.

This pay scale is subject to change and is not necessarily reflective of actual compensation that may be earned, nor a promise of any specific pay for any specific candidate, which is always dependent on legitimate factors considered at the time of job offer. Early Warning Services takes into consideration a variety of factors when determining a competitive salary offer, including, but not limited to, the job scope, market rates and geographic location of a position, candidate's education, experience, training, and specialized skills or certification(s) in relation to the job requirements and compared with internal equity (peers). The business actively supports and reviews wage equity to ensure that pay decisions are not based on gender, race, national origin, or any other protected classes.

Additionally, candidates are eligible for a discretionary bonus, and benefits.

Some of the Ways We Prioritize Your Health and Happiness

• Healthcare Coverage

- Competitive medical (PPO/HDHP), dental, and vision plans as well as company contributions to your Health Savings Account (HSA) or pre-tax savings through flexible spending accounts (FSA) for commuting, health & dependent care expenses.

• 401(k) Retirement Plan

- Featuring a 100% Company Safe Harbor Match on your first 6% deferral immediately upon eligibility.

• Paid Time Off

• Unlimited Time Off for Exempt (salaried) employees, as well as generous PTO for Non-Exempt (hourly) employees, plus 11 paid company holidays and a paid volunteer day.

• 12 weeks of Paid Parental Leave

• Maven Family Planning - provides support through your Parenting journey including egg freezing, fertility, adoption, surrogacy, pregnancy, postpartum, early pediatrics, and returning to work.

And SO much more! We continue to enhance our program, so be sure to check our Benefits page here for the latest. Our team can share more during the interview process!

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Early Warning Services, LLC ("Early Warning") considers for employment, hires, retains and promotes qualified candidates on the basis of ability, potential, and valid qualifications without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote equal employment opportunity and affirmative action, in accordance with all applicable federal, state, and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our employees.