EXL
Assistant Vice President Cybersecurity - Offensive Security Lead
EXL, Jersey City, New Jersey, United States, 07390
Assistant Vice President Cybersecurity - Offensive Security Lead
Join to apply for the
Assistant Vice President Cybersecurity - Offensive Security Lead
role at
EXL This range is provided by EXL. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range
$125,000.00/yr - $155,000.00/yr Additional compensation types
Annual Bonus About EXL:
EXL (NASDAQ:EXLS) is a leading operations management and analytics company that helps businesses enhance growth and profitability in the face of relentless competition and continuous disruption. Using our proprietary methodologies, we integrate analytics, data management, digital, BPO, consulting, industry best practices and technology platforms to help companies improve operations, insights, customer satisfaction, and risk management. EXL serves a variety of industries and has a global presence. AVP Cybersecurity — Offensive Security Lead
focuses on assessing and challenging the security posture across a comprehensive portfolio of products, services and infrastructure. The individual will utilize a variety of tools, act as a key team member and leader in testing engagements, advocate for cybersecurity best practices, and provide strong recommendations in this domain.
Conduct red team operations by serving either the red team lead or the secondary operator on engagements. As an engagement red team lead, you'll strategically plan scenario execution, orchestrate team resources and timelines, and make critical technical decisions that drive successful outcomes in complex, high-stakes environments.
Conduct offensive security engagements, including Red Team operations, threat-based evaluations, and vulnerability research and exploitation against both internal and external facing systems
Design, scope, and lead complex technical assessments, Purple Team Engagements, and other security initiatives to test attack detection and prevention effectiveness
Automate portions of assessments, scoping, or other offensive security work to inform and drive engagements
Incorporate Threat Intelligence research to track APT trends and help partners test their environments against new and emerging threats
Collaborate with cross-functional teams, including Incident Response, Product Security, and other security partners, to align remediation efforts and drive fixes after testing cycles
Develop and maintain relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
Influence and align the team’s strategy, and collaboratively prioritize and deliver multi-year roadmaps and projects
Leverage deep technical expertise in operating systems, network architecture, and infrastructure fundamentals to execute sophisticated attack chains and navigate complex enterprise environments during red team operations
Pioneer cutting-edge offensive security capabilities in coordination with malware and capability developers by researching, developing, and operationalizing innovative techniques and tools
Offer mentorship or coaching to team members, and share knowledge externally through blogs, webinars, or conferences
Collaborate with cross-functional teams on scoping initiatives, provide subject matter expertise in high-stakes sales presentations, and contribute strategic technical insights to marketing campaigns
Help define, document, and refine internal technical processes, service methodologies, and tactical procedures (TTPs) that standardize excellence across engagements
Perform administrative tasks related to day-to-day consulting activities to ensure smooth operations
Qualifications
Bachelor’s degree or higher in IT, Computer Science, Engineering or Math, or equivalent experience
8+ years of adversarial simulation engagements; 10-15 years of overall relevant experience
Red Team or Penetration Testing qualifications (CCSAS, CCSAM, CRTO, OSED, OSCE) or GXPN, GPEN, OSCP, GWAPT or similar
Working knowledge of Windows, Linux and macOS internals
Extensive understanding of MITRE ATT&CK, OWASP Top 10, and other security frameworks
Expertise in Windows Active Directory exploitation and lateral movement
Experience with cloud platforms (AWS/Azure/GCP), O365/Google Workspace, and container technologies (Kubernetes/Docker)
Ability to conduct cyber risk assessments using frameworks like NIST CSF, ISO 27001/2, PCI, CIS Top 20, CMMC, etc.
experience with cloud penetration testing of workloads and post-permission exploitation
Provide client recommendations to monitor and protect sensitive data and systems, including response and recovery
Familiarity with offensive tools and a deep technical understanding of offensive and defensive IT concepts
Ability to research emerging privacy technologies and contribute to open-source tools and AI privacy standards
Act as consultant and advocate for privacy best practices as part of Responsible AI
Preferred Qualifications
Strong communicator with the ability to influence engineers, developers, architects, and business leaders
Pragmatic, collaborative, and capable of operating in a fast-paced environment
Experience embedding security into developer culture and reducing risk without slowing innovation
Articulate risks, impacts, and actionable resolutions to internal stakeholders
Broad security domain knowledge with focus on AI security evaluations and areas such as Red Teaming, Purple Teaming, Vulnerability Research, and Exploitation
Master's degree in Information Systems Engineering, Computer Science, Engineering, Information Security, Cyber Security, Information Assurance, or related field
Seniority level
Mid-Senior level Employment type
Full-time Job function
Consulting and Information Technology Industries: Professional Services Get notified about new Vice President Security jobs in Jersey City, NJ.
#J-18808-Ljbffr
Join to apply for the
Assistant Vice President Cybersecurity - Offensive Security Lead
role at
EXL This range is provided by EXL. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range
$125,000.00/yr - $155,000.00/yr Additional compensation types
Annual Bonus About EXL:
EXL (NASDAQ:EXLS) is a leading operations management and analytics company that helps businesses enhance growth and profitability in the face of relentless competition and continuous disruption. Using our proprietary methodologies, we integrate analytics, data management, digital, BPO, consulting, industry best practices and technology platforms to help companies improve operations, insights, customer satisfaction, and risk management. EXL serves a variety of industries and has a global presence. AVP Cybersecurity — Offensive Security Lead
focuses on assessing and challenging the security posture across a comprehensive portfolio of products, services and infrastructure. The individual will utilize a variety of tools, act as a key team member and leader in testing engagements, advocate for cybersecurity best practices, and provide strong recommendations in this domain.
Conduct red team operations by serving either the red team lead or the secondary operator on engagements. As an engagement red team lead, you'll strategically plan scenario execution, orchestrate team resources and timelines, and make critical technical decisions that drive successful outcomes in complex, high-stakes environments.
Conduct offensive security engagements, including Red Team operations, threat-based evaluations, and vulnerability research and exploitation against both internal and external facing systems
Design, scope, and lead complex technical assessments, Purple Team Engagements, and other security initiatives to test attack detection and prevention effectiveness
Automate portions of assessments, scoping, or other offensive security work to inform and drive engagements
Incorporate Threat Intelligence research to track APT trends and help partners test their environments against new and emerging threats
Collaborate with cross-functional teams, including Incident Response, Product Security, and other security partners, to align remediation efforts and drive fixes after testing cycles
Develop and maintain relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
Influence and align the team’s strategy, and collaboratively prioritize and deliver multi-year roadmaps and projects
Leverage deep technical expertise in operating systems, network architecture, and infrastructure fundamentals to execute sophisticated attack chains and navigate complex enterprise environments during red team operations
Pioneer cutting-edge offensive security capabilities in coordination with malware and capability developers by researching, developing, and operationalizing innovative techniques and tools
Offer mentorship or coaching to team members, and share knowledge externally through blogs, webinars, or conferences
Collaborate with cross-functional teams on scoping initiatives, provide subject matter expertise in high-stakes sales presentations, and contribute strategic technical insights to marketing campaigns
Help define, document, and refine internal technical processes, service methodologies, and tactical procedures (TTPs) that standardize excellence across engagements
Perform administrative tasks related to day-to-day consulting activities to ensure smooth operations
Qualifications
Bachelor’s degree or higher in IT, Computer Science, Engineering or Math, or equivalent experience
8+ years of adversarial simulation engagements; 10-15 years of overall relevant experience
Red Team or Penetration Testing qualifications (CCSAS, CCSAM, CRTO, OSED, OSCE) or GXPN, GPEN, OSCP, GWAPT or similar
Working knowledge of Windows, Linux and macOS internals
Extensive understanding of MITRE ATT&CK, OWASP Top 10, and other security frameworks
Expertise in Windows Active Directory exploitation and lateral movement
Experience with cloud platforms (AWS/Azure/GCP), O365/Google Workspace, and container technologies (Kubernetes/Docker)
Ability to conduct cyber risk assessments using frameworks like NIST CSF, ISO 27001/2, PCI, CIS Top 20, CMMC, etc.
experience with cloud penetration testing of workloads and post-permission exploitation
Provide client recommendations to monitor and protect sensitive data and systems, including response and recovery
Familiarity with offensive tools and a deep technical understanding of offensive and defensive IT concepts
Ability to research emerging privacy technologies and contribute to open-source tools and AI privacy standards
Act as consultant and advocate for privacy best practices as part of Responsible AI
Preferred Qualifications
Strong communicator with the ability to influence engineers, developers, architects, and business leaders
Pragmatic, collaborative, and capable of operating in a fast-paced environment
Experience embedding security into developer culture and reducing risk without slowing innovation
Articulate risks, impacts, and actionable resolutions to internal stakeholders
Broad security domain knowledge with focus on AI security evaluations and areas such as Red Teaming, Purple Teaming, Vulnerability Research, and Exploitation
Master's degree in Information Systems Engineering, Computer Science, Engineering, Information Security, Cyber Security, Information Assurance, or related field
Seniority level
Mid-Senior level Employment type
Full-time Job function
Consulting and Information Technology Industries: Professional Services Get notified about new Vice President Security jobs in Jersey City, NJ.
#J-18808-Ljbffr