Who We Are:

In today's work environment, employees use a myriad of devices to access IT applications and data over multiple networks to stay productive, wherever and however they work. Ivanti elevates and secures Everywhere Work so that people and organizations can thrive.

While our headquarters is in the U.S., half of our employees and customers are outside the country. We have 36 offices in 23 nations, with significant offices in London, Frankfurt, Paris, Sydney, Shanghai, Singapore, and other major cities around the world.

Ivanti's mission is to be a global technology leader enabling organizations to elevate Everywhere Work, automating tasks that discover, manage, secure, and service all their IT assets. Through diverse and inclusive hiring, decision-making, and commitment to our employees and partners, we will continue to build and deliver world-class solutions for our customers.

Our Culture - Everywhere Work Centered Around You

At Ivanti, our success begins with our people. This is why we embrace Everywhere Work across the globe, where Ivantians and our customers are thriving. We believe in a healthy work-life blend and act on it by fostering a culture where all perspectives are heard, respected, and valued. Through Ivanti's Centered Around You approach, our employees benefit from programs focused on their professional development and career growth.

We align through our core values by locking arms in collaboration, being champions for our customers, focusing on the outcomes that matter most and fighting the good fight against cyber-attacks. Are you ready to join us on the journey to elevate Everywhere Work?

What You Will Be Doing

As an Offensive Security Manager, you will be a driving force into moving Ivanti to a risk-based security organization. Your work will have direct impact on reducing the IT security risks in Ivanti products and services. With a solid technical background and knowledge in IT security and software development, you'll be the link between the different security and engineering teams and their stakeholders.

You will be leading a team of experienced penetration testers in performing targeted internal penetration tests based on the risks you identified. You are a strong advocate of security by design and secure software development lifecycle.

Responsibilities

• Lead and manage a team of offensive security experts, including recruitment, training, and performance management.
• Work with Offensive Security team members and key Engineering/Product Management stakeholders to schedule testing engagements, based on product threat models.
• Support the Product Security team in devising hypothesis-driven testing engagements against Ivanti's products and components.
• Support the Product Security Leader with driving product security improvement initiatives, such as improving penetration testing process, responsible disclosure and bugbounty program workflows, etc.
• Participate in meaningful thought leadership around product security and red teaming by engaging with the community in blogs, webinars, conferences, etc. as well as working with partners on driving industry improvements.
• Review and finalize Product Threat Model definitions.
• Collaborate closely with other Infosec teams to ensure a holistic approach to security.
• Lead the Product Security Incident Response Team (PSIRT) investigations, as required.
• Maintain Ivanti's PSIRT response plan by regularly holding meetings with cross-functional teams, including engineering, product management, customer support, legal, marketing and PR.
• Stay abreast of emerging threats, vulnerabilities, and attack techniques, and incorporate this knowledge into offensive security operations.
• Conduct regular assessments of security controls, policies, and procedures to identify areas of improvement and recommend appropriate remediation measures.

To Be Successful in The Role, You Will Have:

• 5-6 years' experience as a network or application penetration tester.
• Experienced in leading a red team against a large, complex target strongly preferred.
• Previous managerial or people-leader experience helpful.
• Associated degree or higher in a technology or security field.
• A solid understanding of common technology such as, Active Directory, O365, cloud platforms (AWS and Azure), Windows, OS X and Linux operating systems, mobile operating systems, networking etc.
• A solid understanding of application security standards (OWASP, ASVS, etc.) highly desired.
• Understanding of how to implement secure application architecture and securing the SDLC, e.g. OWASP SAMM.
• Strong analytical and problem-solving skills, with the ability to prioritize and address security risks effectively in a fast-paced environment.
• Strong verbal and written communication skills for communicating with both engineering and business stakeholders.
• Demonstrated ability to collaborate cross-functionally and build relationships with stakeholders at all levels of the organization.

Also preferred:

• Infosec Community engagement including bug bounties, blogs, CVEs, or conference talks.
• OSCP, OSCE, GPEN, GWAPT, CRTP/CRTA certifications

At Ivanti, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by applicable law. Ivanti believes that diversity and inclusion among our teammates is critical to our success as a global company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool.

If you require special assistance for the best interview experience, please contact us at recruiting@ivanti.com.