Lead Offensive Security Specialist

SHI GmbH - Nashville, TN

Job Description

About Us

At Stratascale, we are an innovative digital and cybersecurity services company focused on enabling Fortune 1000 companies to leverage technology, accelerate business growth, and adjust to market dynamics swiftly. We advocate for what we term Digital Agility.

Job Overview

We are looking for an experienced Lead Offensive Security Specialist to become a vital member of our Adversarial Operations team. In this impactful role, you will spearhead the development and provision of comprehensive threat management consulting services, penetration testing, and operational services tailored to satisfy the diverse needs of our esteemed clients. This role allows for remote work, with your home office setup organized by Stratascale management.

Key Responsibilities

  • Conduct penetration tests across various environments, including external, internal, and web application scenarios.
  • Evaluate attack surfaces and threat landscapes, providing actionable recommendations for vulnerability improvements based on client assessments.
  • Perform in-depth assessments and threat modeling following industry best practices to pinpoint control weaknesses.
  • Execute root cause analyses on vulnerabilities, suggesting effective technical solutions and remediation strategies.
  • Collaborate with client security teams to devise strategies to mitigate the identified vulnerabilities.
  • Analyze relevant threat intelligence to enhance attack path modeling for various industries.
  • Assess and communicate business risks and impacts associated with vulnerabilities to clients and stakeholders.
  • Offer expertise in remediation, cloud security, governance, compliance, and core infrastructure systems.
  • Support clients with strategies, technical analysis, compliance assessments, and platform utilization, including automation strategies.
  • Develop and deliver governance models, security frameworks, compliance reports, and detailed security assessments.
  • Partner with internal sales and technical teams to assist solution sales cycles and ensure successful solution delivery.
  • Identify client needs and proactively suggest suitable solutions while pinpointing areas for improvement.
  • Lead consulting projects, manage deliverables, and ensure client satisfaction throughout engagements.
  • Create training materials and facilitate workforce development programs, offered both in-person and online.
  • Participate in technical meetings to provide guidance and foster discussions.
  • Stay informed about emerging technologies, industry trends, and best practices.
  • Work alongside other practice leaders and mentor team members to enhance capabilities.

Desired Competencies

  • Communication: Effectively articulate complex ideas to various audiences and mentor others in communication techniques.
  • Relationship Management: Foster strong connections across teams to drive impactful results through collaboration.
  • Self-Starter: Manage complex initiatives independently while cooperating with others when necessary.
  • Negotiation Skills: Skillfully navigate complex negotiations and cultivate consensus among team members.
  • Influence: Motivate teams to pursue shared objectives.
  • Business Acumen: Own significant business initiatives and collaborate with stakeholders to achieve outcomes.
  • Emotional Intelligence: Adapt emotionally to contexts and assist others in doing the same.
  • Attention to Detail: Supervise multiple projects carefully, ensuring accuracy through the identification of inconsistencies.
  • Follow-Up: Actively manage tasks and engage with others for effective follow-ups.
  • Presentation Skills: Utilize visual aids and storytelling to captivate audiences during presentations.
  • Delegation: Effectively distribute tasks across teams, ensuring clarity in roles and responsibilities.
  • Analytical Skills: Employ advanced techniques to dissect complex issues and produce actionable insights.
  • Critical Thinking: Integrate information from various sources to inform strategic decisions.
  • Technical Troubleshooting: Collaborate to handle complex technical issues and formulate solutions.

Skills and Qualifications

  • Expert in planning and executing penetration tests across networks, web and mobile applications, APIs, wireless, and cloud environments.
  • Proficient with offensive security methodologies and frameworks, including PTES, OWASP, and MITRE ATT&CK.
  • Extensive hands-on experience with offensive tools and techniques for reconnaissance, exploitation, and data exfiltration.
  • Skilled in assessing cloud services (AWS, Azure, GCP), focusing on IAM misconfigurations and offering remediation guidance.
  • Strong expertise in web application testing, targeting various vulnerabilities and modern application architectures.
  • Knowledgeable in Active Directory and Azure AD attack paths, with abilities to simulate enterprise attack scenarios.
  • Experienced in social engineering techniques, including the legal development of phishing payloads.
  • Capable of automating testing and proof-of-concept creation using scripting languages like Python and PowerShell.
  • Adept at producing clear exploit proofs-of-concept and thorough technical reports.
  • Experience with red/purple team initiatives, converting findings into practical recommendations.
  • Familiar with vulnerability management processes and responsible disclosure practices.
  • Proficient in productivity tools such as Word, Excel, and PowerPoint for documentation and reporting purposes.

Additional Requirements

  • Bachelor's Degree in a related field or equivalent work experience is required.
  • 5-7 years of practical experience in penetration testing/red team activities, especially within mid-to-large enterprises.
  • Willingness to travel for client engagements and events as required.
  • Preferred advanced industry certifications such as OSCP, OSWE, or CISSP.
  • Strong grasp of legal and ethical standards, including best practices regarding client data handling.

The estimated annual pay range for this position is $165,000 - $205,000, which includes base salary and bonus components. Compensation is determined by job-related knowledge, skills, experience, and market location. Benefits may include medical, vision, dental, 401K, and flexible spending accounts.

We are an equal opportunity employer and encourage applications from individuals of all backgrounds regardless of gender, disability status, or veteran status.

Created: 2026-03-06
