Application Pentest Operations Manager (Remote)
We are seeking a direct-hire Application Pentest Operations Manager to join our client, a leading financial services company. The Application Pentest Operations Manager will drive the application vulnerability assessment program as a service to the global business.
Location: Remote
This job is expected to pay about $130,000 - $150,000 plus bonus and benefits.
What You Will Do:
- Lead the planning, execution, and operational delivery of internal and external application penetration tests.
- Manage a team of application security testers, ensuring timely and high-quality assessments.
- Develop and enforce standardized methodologies, playbooks, and reporting templates.
- Interface with development, DevOps, and product teams to communicate findings and drive remediation.
- Build and maintain metrics, KPIs, and dashboards to monitor the effectiveness of pentesting operations.
- Act as a subject matter expert (SME) for complex application pentesting engagements.
- Collaborate with vulnerability remediation and risk management teams to align findings with broader enterprise risk models.
- Manage third-party pentest vendors, including SOW creation, scoping, and quality review.
- Integrate AI-powered tools and automation platforms (e.g., anomaly detection models) into pentesting workflows.
- Continuously evaluate new application offensive security and AI-based technologies to improve testing coverage and depth.
- Assist in responding to application security incidents and reports submitted through bug bounty.
What You Bring to the Table:
- 5+ years of experience in application security or offensive security, including 2+ years in a leadership or management capacity.
- Deep understanding of web, mobile, thick client, LLM and API security vulnerabilities (e.g., OWASP Top 10, SANS CWE 25).
- Experience with manual and automated pentesting tools (e.g., Burp Suite, ZAP, Metasploit, Nmap, DAST scanners).
- Hands-on experience using AI pentesting tools is a plus.
- Bonus: Experience in AI security (e.g., adversarial ML, model poisoning, AI system threat modeling).
- Certifications:
  - OSCP - Offensive Security Certified Professional (Required or strong preference)
  - GWAPT - GIAC Web Application Penetration Tester
  - OSWE - Offensive Security Web Expert (Preferred)
  - CISSP - Certified Information Systems Security Professional (Preferred)
  - GPEN - GIAC Penetration Tester (Preferred)
  - AI/ML certifications, e.g., Microsoft AI-102, Google Cloud ML Engineer, or similar (Bonus)
Irvine Technology Corporation (ITC) is a leading provider of technology and staffing solutions for IT, Security, Engineering, and Interactive Design disciplines servicing startups to enterprise clients, nationally. We pride ourselves in the ability to introduce you to our intimate network of business and technology leaders bringing you opportunity coupled with personal growth, and professional development! Join us. Let us catapult your career!
Irvine Technology Corporation provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Irvine Technology Corporation complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.