ISG is HIRING A

Lead Penetration Tester - Dep. Director

📍 United States 🌐 Fully Remote ⏰ Full Time
POSTED June 5, 2025

Please mention you found this job on TestDev Jobs. It helps us get more people to hire on our site. Thanks and good luck!


Insight Assurance is considered one of the fastest-growing companies focusing on cybersecurity compliance. The company is a Florida-registered and licensed CPA firm, PCI Qualified Security Assessor (QSA), and ISO 27001 Certification Body founded by former Big-4 professionals (Former EY), looking to simplify the world of IT compliance. With over 20 years of professional experience working with hundreds of organizations from startups to Fortune 500 companies on a variety of engagements, the team at Insight Assurance partners with organizations looking to meet their organizational and compliance goals.

JOB PURPOSE

KEY RESPONSIBILITIES

Strategic & Team Leadership

  • Lead and manage the penetration testing department, including hiring, mentoring, performance management, and resource planning
  • Define departmental goals and key performance indicators in alignment with company objectives
  • Establish and continuously improve testing methodologies, quality assurance standards, and operational workflows
  • Serve as the primary point of contact for executive leadership on penetration testing matters

Technical Leadership & Execution

  • Oversee and participate in complex penetration tests on enterprise networks, systems, applications, and cloud environments
  • Lead red team engagements, social engineering campaigns, and simulated real-world attacks
  • Ensure technical accuracy and completeness of all team deliverables and reports
  • Stay up to date with evolving threat landscapes, attack vectors, and security technologies to continuously innovate service offerings

Stakeholder Communication

  • Deliver clear, impactful reports and presentations for both technical teams and executive stakeholders
  • Translate findings into actionable recommendations and risk mitigation strategies
  • Collaborate with IT, GRC, SOC, and security operations teams to guide remediation efforts

Compliance & Risk

  • Ensure the team's activities align with industry standards and regulatory frameworks such as PCI-DSS, HIPAA, and NIST
  • Develop, maintain, and enforce penetration testing policies and procedures

REQUIREMENTS

Education & Experience

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field
  • At least 5 years of hands-on penetration testing experience, including web, network, social engineering, and red team assessments
  • Minimum 3 years of experience managing or leading technical teams in a cybersecurity context
  • Proven track record of successfully delivering enterprise-level security testing projects
  • Experience with exploit development and advanced attack simulation is a plus

Certifications (Required or Strongly Preferred)

  • OSCP (required)
  • OSCE, OSWE, OSEP, or similar advanced certifications (preferred)

TECHNICAL SKILLS

  • Expert-level knowledge of penetration testing tools (e.g., Metasploit, Burp Suite, OWASP ZAP, Cobalt Strike)
  • Deep understanding of network protocols, operating systems (Windows, Linux), and cloud infrastructure (AWS, Azure, GCP)
  • Strong command of scripting and programming (Python, Bash, PowerShell, etc.)
  • Experience with risk analysis and vulnerability management
  • Exceptional written and verbal communication skills, including the ability to write detailed technical reports for diverse audiences

OTHER REQUIREMENTS

  • U.S. Citizenship or eligibility to obtain necessary security clearances (if applicable)
  • Ability to travel up to 25% if needed
  • Demonstrated leadership, strategic thinking, and ability to operate in a fast-paced environment
  • High level of integrity and discretion when handling sensitive information

Benefits

Privacy Notice CCPA

  • Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process.
  • Insight Assurance does not sell personal data/information under any circumstances.
  • You may exercise your rights under personal data protection legislation by reaching out to us via: HR@insightassurance.com or submit a request via mail at 400 N Tampa St. 15th Floor Suite 122, Tampa, FL 33602

Privacy Notice GDPR:

  • Identification

  • Contact

  • Education and Professional

  • Interview performance

  • Evaluation

  • Right of Access – meaning getting information about the Personal Data under Processing by us, except for the information you already know;

  • Right of Erasure – you may ask us to erase all Personal Data pertaining to you under Processing; this may imply you being excluded from the recruitment process, for without information we cannot proceed with it;

  • Right of Opposition or Restriction of Processing – you may ask us to stop some Processing or restrict the Processing of some Personal Data; this may imply you being excluded from the recruitment process, at our sole discretion, also for without information we cannot proceed with it;

  • Rectification – you can rectify your Personal Data at any time
