Offensive Security Associate Manager

ALTO Network is a leading payment infrastructure provider as well as the pioneer in payment solution by always bringing the most innovative and impactful technology to connect merchants or financial institutions with their customers to grow their businesses nationwide and beyond.

Offensive Security Associate Manager

Role Purpose

Leading offensive security operations, including penetration testing, red teaming, and vulnerability assessments.

• Lead and manage a team of offensive security professionals, including penetration testers, red team members, and vulnerability analysts.
• Provide mentorship, training, and performance feedback to team members.
• Collaborate with cross-functional teams, including IT, development, and operations, to prioritize and remediate security vulnerabilities identified through offensive security testing.
• Communicate findings and recommendations to technical and non-technical stakeholders.
• Plan, coordinate, and execute offensive security operations, including penetration tests, red team exercises, and vulnerability assessments, to identify and exploit security weaknesses in our systems, networks, and applications.
• Continuously assess and improve offensive security practices, methodologies, and tools based on industry trends, lessons learned from previous engagements, and feedback from stakeholders.
• Risk/Findings audit to be fulfilled. Ensure staff are informed and trained to support good corporate governance in their specific areas of work.

• Penetration Testing: In-depth knowledge of penetration testing methodologies, including reconnaissance, enumeration, exploitation, post-exploitation, and reporting.
• Red Teaming: Understanding of red teaming techniques and tactics to simulate real-world cyber attacks and assess an organization's security posture.
• Vulnerability Assessment: Proficiency in conducting vulnerability assessments across various attack surfaces, including networks, systems, applications, and cloud environments.
• Vulnerability Assessment: Proficiency in conducting vulnerability assessments across various attack surfaces, including networks, systems, applications, and cloud environments.
• Exploit Development: Familiarity with exploit development techniques and methodologies to identify and exploit security vulnerabilities.
• Scripting and Programming: Proficiency in scripting and programming languages such as Python, PowerShell, or Bash for automation, tool development, and exploit scripting.
• Regulatory Compliance: Understanding of relevant laws, regulations, and industry standards related to offensive security testing, including legal and ethical considerations.
• Cybersecurity: Knowledge of cybersecurity principles, practices, technologies, and regulatory requirements.

• Penetration tests, vulnerability assessments, and security audits (VAPT) Red teaming exercises and adversarial simulation techniques.
• Metasploit , Burp Suite, Nmap Scripting languages (e.g., Python, PowerShell) MobSF (Mobile Security Framework) Drozer OWASP Mobile Security Testing Guide (MSTG)

• Collaborative Leadership
• Time Management Skills
• Vision and Strategy
• Conflict Management Skills
• Emotional Resilience

Experience in leading and managing offensive security operations, including penetration tests, red team exercises, and vulnerability assessments.Experience with threat intelligence analysis, security research, and incident response support.Minimum of 3 years of experience in offensive security roles, with at least 2 years in a leadership or supervisory position.

Bachelor's degree in computer science, information security, or a related field. Master's degree preferred. Offensive Security Certifications: Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), or similar certifications highly desired.