BrainRocket · 12 hours ago
Penetration Testing Team Lead
New Jersey, United States
Full-time
Onsite
Senior Level
5+ years expBrainRocket is a global company creating end-to-end tech products for clients across Fintech, iGaming, and Marketing. They are seeking a Penetration Testing Team Lead to lead and grow the Offensive Security function while maintaining a strong hands-on role.
Internet of ThingsIT InfrastructureIT ManagementSoftware
Hiring Manager
🌻 Natallia Matsukevich
Responsibilities
Build the Offensive security function from the ground up: define methodologies, reporting standards, and the hiring plan for future team expansion
Recruit, mentor, and develop the team of offensive security engineers, ensuring technical excellence and consistent delivery quality once hired
Perform deep-dive manual penetration testing for complex, high-risk, or business-critical assets, focusing on realistic attack scenarios rather than high-volume "bug-bounty style" findings
Lead and coordinate purple team exercises with the SOC/Blue Team, simulating real-world attacks to validate detection capabilities and tune SIEM/EDR rules
Collaborate closely with the Application Security Team to validate vulnerabilities and guide effective remediation strategies
Translate offensive findings into actionable threat intelligence, TTPs, and recommendations to enhance detection and threat hunting
Act as a subject matter expert in security architecture discussions, secure design reviews, and security code reviews
Stay current with emerging attack techniques, tools, and security trends, and ensure knowledge is shared within the engineering teams
0-to-1 establishment of the offensive security capabilities and team roadmap
End-to-end ownership of penetration testing execution, quality, and reporting
Identification of critical attack paths that threaten the company’s core business products
Delivery of TTPs and threat-hunting insights for purple team initiatives
Effective cross-team collaboration with Application Security, Security Operations, and Engineering
Qualification
Required
5+ years of hands-on experience in Penetration Testing, including web, mobile, API, and cloud environments (AWS, Azure, GCP)
Experience building offensive security processes, methodologies, or tools from scratch
Strong 'playing coach' mindset: willingness to remain highly hands-on (70-80%) while setting up the function
Deep understanding of penetration testing methodologies and frameworks (OWASP Top 10, SANS Top 25)
Demonstrated experience contributing to purple team exercises and working closely with SOC to improve detection logic
Strong hands-on experience with industry-standard tools (Burp Suite Pro, Metasploit, Nmap, etc.) and ability to develop custom automation (Python, Go, PowerShell, Bash)
Solid knowledge of network protocols (TCP/IP, HTTP/S, DNS), operating systems (Linux, Windows), and cloud-native architectures (Docker, Kubernetes)
Excellent communication skills, with the ability to clearly present critical business risks to both technical and non-technical stakeholders
Preferred
Advanced certifications such as OSCP, OSCE, OSWE, CRTP, or SANS GIAC
Experience in fast-growing companies (Gaming/Fintech) with exposure to industry-specific security challenges
Benefits
Learning and development opportunities and interesting, challenging tasks.
Opportunity to develop language skills, with partial compensation for the cost of English/Spanish classes (for localisation purposes).
Relocation package (tickets, staying in a hotel for up to 2 weeks, and visa relocation support for our employees and their family members).
Global coverage health insurance.
Time for proper rest, with 20+ working days of annual vacation and 6 additional paid sick days.
Competitive remuneration level with annual review.
Teambuilding activities.
Company
BrainRocket
BrainRocket is a software company that offers IT solutions and services tailored to our clients’ needs.
1001-5000 employees
Funding
Current Stage
Late StageRecent News
2026-01-03
2025-08-23
2025-08-13
Company data provided by crunchbase