Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Manager, Offensive and Application Security (Remote)

Trinity Health

Livonia, MI
  • Remote job

Description Manages and develops the Offensive and Application Security Team. This role develops and performs penetration testing or adversary simulation engagements. The leader will oversee a team that communicates findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel. Provides constructive suggestions for improving our security posture and controls, hone its defensive capabilities, and measure the effectiveness of its security operations. Maintains an effective and efficient approach to information security that is both balanced and consistent with the mission, values, and operating goals of Trinity Health. Performs security reviews of application designs, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS). Identifies and clearly articulates (written and verbal) findings to senior management and clients. Participates in security assessments of networks, systems and applications. Coaches members of the Red Team, guiding them in offensive security tactics and strategies. Leads the secure code review program to ensure adherence to security best practices and policies. Promotes continuous testing exercises in collaboration with the Incident Response and Security Monitoring teams to validate the effectiveness of security measures. Develops automation to enhance the efficiencies of the security program, streamlining processes and improving response times. Manages the overall performance of the team in terms of effectiveness, efficiency, productivity, and quality. Assigns work, completes staff evaluations, conducts new hire interviews, and mentors staff. Oversees scheduling of resources to execute and support the threat intel domain through Red Team operational procedures (communication and tracking). Coordinates activities that may impact other IT supported areas. Develops and maintains detailed documentation relative to application penetration testing (APT) and dynamic application security testing. Conducts DAST, static application security testing (SAST), and source composition analysis (SCA). Directly manages, mentors and supports the Application Security function in conducting secure code reviews, vulnerability assessments, and ensuring compliance with security best practices. Evaluates and reports on application security metrics and performance, aligning with Trinity Health's strategic objectives and operational goals. Facilitates the departmental initiatives to achieve business and organizational goals, vision and objectives. Develops and manages team budget. Supports planning, communicating, coordinating, and performing manual penetration testing and security assessments at application, system and enterprise level. Identifies and drives process improvement within Red Team program. Partners with business groups/clients to design processes & scope of penetration testing & security assessment methodologies. Partners with the delivery team to identify and drive delivery of opportunities to automate, improve efficiency, reduce the number of steps to perform the function while ensuring quality. Acts as a liaison between business and technical employees to translate requirements/needs in both directions. Works closely with the incident and threat hunting teams, and various lines of business to mitigate risk. Pay grade 17 range $122,View phone number on click.appcast.io,711.1074. Actual compensation will fall within the range but may vary based on factors such as experience, qualifications, education, location, licensure, certification requirements, and comparisons to colleagues in similar roles. Employment Type Full time Minimum Qualifications Bachelor of Science in Information Technology – Cyber Security, or an equivalent combination of education and experience. Five (5) to seven (7) years of progressive experience with comprehensive knowledge of hardware, software, application, and systems engineering in multiple IT disciplines (network, web applications, server hardware and software, vulnerabilities, and risk - assessment and management) with a focus in the following information security disciplines. 5+ years of information security experience. 3+ years of penetration testing, red teaming, ethical hacking, application security, or similar management experience. Experience and demonstrated knowledge of adversarial tactics, techniques and procedures. Strong understanding of threat actors and the TTPs used by known threat actors. Comprehensive knowledge of information security practices (technical, operational, and administrative) in Network penetration testing and manipulation of network infrastructure. Experience in performing external and internal penetration tests using security testing tools, such as BurpSuite, Mimikatz, Metasploit, Nessus, HP Web Inspect, or other tools. Applying an understanding of the principles of information security engineering, architecture, and application security. Experience leading pen testing security teams focused on enterprise, web, and mobile applications. Document and explain technical details in a concise, understandable manner to business owners. Experience with networking components (routers, switches, load balancers, wireless access points, etc.). Intrusion Detection analysis and prevention, Data Loss Prevention, Windows / Linux / Mac OSX Operating systems. Comprehensive knowledge of client/server relationships and multi-tier environments, load balancers / Web Application Firewalls, Active Directory, DHCP, DNS, PKI. Networking technologies: routers, switches, firewalls. Demonstrated ability to independently perform web, mobile, and thick application penetration tests. Understanding of web-based application vulnerabilities (OWASP) network security and popular attacks vectors. Knowledge of Windows, Linux, Unix, any other major operating systems, and deep understanding of TCP/IP network protocols. Familiarity with the latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends in Cloud implementations. Knowledge and skills of monitoring of security vulnerabilities, threats, exposures, associated risk, and mitigating solutions. Knowledge and understanding of web services, SOA (Services Oriented Architecture), micro-services, and API biased architectures. Experience in using automated code tooling related to building or deploying code to operational environments. Exposure and/or experience with various security testing techniques such as manual code reviews, dynamic application security testing (DAST), static application security testing (SAST), source composition analysis (SCA), and penetration testing. Understanding of software development life cycle, coding standards, and software security principles. Familiarity with reading and using a variety of programming languages and frameworks. Experience with software development/deployment methodologies including Agile, Continuous Integration/Continuous Deployment (CI/CD), and DevSecOps. Desired Security certifications: GWAPT (GIAC Web Application Penetration Tester), CSSIP (Certified Information Systems Security Professional), GCIH (GIAC Certified Incident Handler), CEH (Certified Ethical Hacker), which may also substitute an equivalent combination of education and experience. Strong knowledge of HIPAA, ISO 27001/2, FISMA, FIPS, OWASP and NIST security. Must be team oriented, supportive, and committed to excellence and possess high level of initiative and self-motivation with demonstrated work ethic. Ability to manage multiple priorities and to effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects and workload. Our Commitment Rooted in our Mission and Core Values, we honor the dignity of every person and recognize the unique perspectives, experiences, and talents each colleague brings. By finding common ground and embracing our differences, we grow stronger together and deliver more compassionate, person-centered care. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other status protected by federal, state, or local law. #J-18808-Ljbffr Trinity Health

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Manager, Offensive and Application Security (Remote) in Livonia, MI vacancy
  • Trinity Health seeks a Manager of Offensive and Application Security to lead and grow the team responsible for offensive testing, app security, and secure development practices. You will direct penetration testing, red team engagements, and secure code reviews across web... 
    Remote job
    Application

    Relha LLC

    Livonia, MI
    1 day ago
  •  ...is seeking a Senior Specialist for its Offensive Security team to lead penetration tests and...  ...enhance cybersecurity measures. This fully remote position allows talented professionals...  ...of 3 years' experience in network and application security assessments, with a proven... 
    Remote job
    Application

    Cyber Advisors

    New York, NY
    1 day ago
  •  ...the gold standard for securing software systems is human...  ...stepping up to scale offensive security to meet the...  ...empathy and credibility Manage pipeline with a focus...  ...in Security, Application Security 5+ years of experience...  ...Should Know Location: Remote APAC Contract: Full‑... 
    Remote work
    Application
    Full time
    Contract work

    XBOW

    New York, NY
    2 days ago
  •  ...Sr. Offensive Security Consultant (Alpha Group) Remote - US VerTALENTS is a subsidiary of VerSprite Cybersecurity. Specializing in technology staffing and...  ...role focuses on advanced penetration testing and application security engagements while working closely with clients... 
    Remote work
    Application
    Full time

    Vertalents

    New York, NY
    8 hours ago
  •  ...platform-enabled unified security operations company...  ...UltraViolet Cyber provides both managed and custom-tailored...  ...drive growth for our Offensive Security Services...  ...testing, red teaming, application security assessments,...  ...and comfortable in a remote-first environment. Preferred... 
    Remote work
    Application

    UltraViolet Cyber

    Mc Lean, VA
    4 days ago
  • $121k - $148k

     ...Continuous Threat Exposure Management (CTEM). The HackerOne...  ...largest community of security researchers to...  ...the security industry. Offensive security is no longer...  ...Marketing Manager Remote Location: Boston, MA;...  ...vulnerability management, application security, or the broader... 
    Remote work
    Application
    Apprenticeship
    Local area
    Flexible hours
    Shift work

    HackerOne

    Seattle, WA
    1 day ago
  •  ...seeking an experienced Penetration Tester/Offensive Security Consultant to lead the Offensive...  ...comprehensive penetration testing on networks and applications, mentoring junior testers, and...  ...of security vulnerabilities. This remote position offers competitive pay and benefits... 
    Remote job
    Application

    Control Gap Inc.

    New York, NY
    1 day ago
  •  ...Description The ServiceNow Security Organization (SSO) The ServiceNow...  ...our systems, networks, and applications. Through these engagements,...  ...Strong technical skills in offensive security with experience...  ...trust. Work personas (flexible, remote, or required in office) are... 
    Remote work
    Application
    Work at office
    Flexible hours

    ServiceNow

    Addison, TX
    1 day ago
  •  ...New York City) New York or New Jersey Remote Bishop Fox is the leading authority in offensive security, providing solutions ranging from...  ...testing, red teaming, and attack surface management to product, cloud, and application security assessments. We've worked with... 
    Remote work
    Application
    Local area
    Work from home

    Bishop Fox

    New York, NY
    2 days ago
  •  ...salaried Director of Information Security will own the strategy and...  ...governance while working remotely. Key responsibilities Own and...  ..., including product and application security, cloud security, and...  ...security with direct people management experience Proven track record... 
    Remote work
    Application
    Full time

    Virtual Vocations Inc

    United States
    2 days ago
  • $117.6k - $161.7k

     ...re building a new AI & Offensive Tooling capability inside our Offensive Security organization, and we’...  ...Conduct network, web‑application, cloud, and infrastructure...  ...and the NIST AI Risk Management Framework. Model...  ...Travel: While this is a remote position, occasional travel... 
    Remote work
    Application
    Temporary work
    Apprenticeship
    Work at office
    Work from home
    Home office

    Humana

    Louisville, KY
    1 day ago
  • $150k - $175k

     ...listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Red Team Engineer / Offensive Security Lead based in the United States. This...  ..., skills, and qualifications. Remote‑first work environment with flexibility... 
    Remote work
    Application
    Flexible hours

    Jobgether

    New York, NY
    2 days ago
  •  ...programs is top-of-mind for security leaders in mature organizations...  ...has successfully sold a SaaS application into the CISO / InfoSec and/...  ...multiple pathways, including both remote and face-to-face client...  ...a new automated paradigm. Manage full-lifecycle sales processes... 
    Remote work
    Application
    Full time

    Cypago

    San Francisco, CA
    1 day ago
  • $90k

     ...critical programs across national security, defense, and public service...  ...Lead end-to-end incident management operations through the...  ...across cloud, network, and application teams in complex enterprise...  ...operational efficiencies. #LI-Remote #techjobs #clearance #veteranspage... 
    Remote work
    Application
    Contract work

    MAXIMUS

    Montgomery, AL
    4 days ago
  •  ...Position Title: Customer Success Manager Location: This position is remote, with approximately 25% travel to...  ...one hour of Albany, NY. Application Process: Interested candidates who...  ...IaaS (AWS, Azure, GCP), SaaS, and security solutions. OEM sales certifications... 
    Remote work
    Application
    Contract work
    Temporary work
    Work at office
    Local area
    Immediate start

    Strategic Communications

    Albany, NY
    20 hours ago
  •  ...Mission Praetorian is an expert‑driven offensive security company. Our mission is to prevent...  ...are looking for an Offensive Security Manager who leads from the front. You're not managing...  ...of execution across red team, application security, and cloud security. Drive Performance... 
    Application
    Shift work

    Praetorian

    Austin, TX
    4 days ago
  • $180k - $220k

     ...TrackVia TrackVia is a low-code application platform headquartered in...  ...are hiring our Director of Security to build and lead TrackVia's...  ...• Run vulnerability management, identity, and access programs...  ...Candidates who require fully remote arrangements are unlikely to... 
    Remote work
    Application
    Work at office

    TRACKVIA INC

    Denver, CO
    25 days ago
  •  ...generation.This position is remote (with sufficient experience)...  ...goalsWork closely with sales management and team resources on...  ...performance, resilience, and security.Our cultureWe celebrate mold...  ...candidates, our team only reviews applications submitted through our... 
    Remote work
    Application
    Work at office
    Local area
    Home office

    NetApp

    New York, NY
    4 days ago
  •  ...USDS Joint Venture is searching for a Manager of Security Posture Validation in Washington, DC....  ...candidate should have extensive experience in offensive security, managing teams, and a strong background in cloud, mobile, and web application security. A competitive salary and... 
    Application

    TikTok USDS Joint Venture

    Washington DC
    1 day ago
  • $95k - $105k

     ...experience) Reports To: Program Manager Position Summary Blue Sky...  ...for each ServiceNow process or application in scope, ensuring users...  ...logistics. Required Qualifications Security Clearance Active TS/SCI...  ...miles of Chantilly, VA. No fully remote option. Standard work schedule... 
    Remote work
    Application
    Work at office
    Monday to Friday

    Blue Sky Innovative Solutions

    Chantilly, Loudoun County, VA
    1 day ago
  • ## Solar O&M Site Manager - Obion County, TN### General...  ..., CMR, Network Mgr., Remote Desktop and SAP*...  ...cancellation, no disqualifying offenses, no more than 2 moving...  ...benefits to provide security, and retirement...  ...governing documents and applicable law.**Diversity, Equity... 
    Remote work
    Application
    Full time
    Local area
    Worldwide
    Flexible hours

    Enel Chile S.A

    Nashville, TN
    3 days ago
  • $2,000 per month

     ...Preschool Services team! ***Remote Assignment Bonus***...  ...2,080 service hours). Applicable locations only:...  ...guarantee the safety and security of participants and employees...  ..., Care Provider Management Bureau (CPMB). With the...  ...nature, such as sex offenses, murder, manslaughter,... 
    Remote work
    Application
    Full time
    Contract work
    Work experience placement
    Work at office
    Immediate start
    Visa sponsorship

    GovernmentJobs.com

    Twentynine Palms, CA
    20 hours ago
  • $105k - $126k

     ...Senior Manager, Remote Screening Sites The Logistics functional area department is responsible...  ...for coordinating with the LA28 Security Functional Area and relevant law enforcement...  ...LA28's operational business needs and applicable law. LA28 does not provide relocation... 
    Remote work
    Application
    Relocation package
    Flexible hours

    LA28

    Los Angeles, CA
    3 days ago
  • $100k

     ...critical programs across national security, defense, and public service...  ...as the enterprise Release Manager, responsible for coordinating...  ...(network, cloud, applications, telecom). Strong understanding...  ...#clearance #veteransPage #LI-remote Minimum Requirements TCS... 
    Remote work
    Application
    Contract work

    MAXIMUS

    Columbus, OH
    1 day ago
  • $90k - $155.16k

     ...benefit from our guidance and management of complex IT...  ...and collaborate with a team remotely Excellent verbal, written...  ...and Windows-based computer applications Preferred Experience...  ...center industry, Cloud, and/or Security solution selling Working... 
    Remote work
    Application
    Full time
    Local area
    Work from home
    Home office

    Tierpoint

    Saint Louis, MO
    4 days ago
  •  ...AI Project Manager Location: REMOTE EST hours Length: 18 months + Interview Process: Likely...  ...birthday Last 4 digits of Social Security Number Requirements * 8+ years...  ...of AI and Client concepts and their application in project management. Job... 
    Remote work
    Application
    H1b

    RIT Solutions

    United States
    20 hours ago
  •  ...#LI-Hybrid #INDPPL The Senior Manager, Modern Workplace Architect...  ...environment, ensuring delivery of a secure, scalable, and high-...  ...standardized, and efficient delivery of applications across all endpoint platforms...  ...a related field required. Remote Work The company reserves the... 
    Remote work
    Application
    Work at office
    Local area

    PPL Corporation

    Louisville, KY
    3 days ago
  •  ...listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Head of Security based in Switzerland. This executive security...  ...is highly valued. Benefits Fully remote position with flexible working arrangements.... 
    Remote work
    Application
    Flexible hours

    Jobgether

    Indiana, PA
    1 day ago
  • Senior Offensive Security Consultant, Mandiant (Google) - Ontario, CA. Location: Ottawa, ON; Toronto, ON; Remote (Ontario, CA; Quebec, CA). Minimum Qualifications Bachelor...  ...network administration, project management, developing applications, technical incident response... 
    Remote work
    Application

    Itlearn360

    Ontario, CA
    3 days ago
  • $304k

    Snowflake is hiring a Director of Engineering in Bellevue, WA, responsible for defining security strategy across three core pillars: application security, cloud security assurance, and offensive security, while leading high-performing teams. The ideal candidate will have over... 
    Application

    Snowflake

    Bellevue, WA
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Manager, Offensive and Application Security (Remote). Be the first to apply!