Asst Dir Adversarial Security Testing

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.
This position is open to remote. However, if local to MKE or NYC, it will require onsite presence each week (3 days in MKE or 2 days in NYC).
Northwestern Mutual's Adversarial Security Testing team is an elite group of offensive security engineers who continually operate at the cutting edge of the industry. We are seeking an experienced and motivated Assistant Director for Adversarial Security Testing to lead this team and continue to maintain its pace of operation and innovation.
The Assistant Director for Adversarial Security Testing leads a team responsible for application security penetration testing, red teaming, purple teaming, bug bounty programs, and the operation of our automated in-house TTP (Tactics, Techniques, and Procedures) testing program for our purple team.
Primary Duties & Responsibilities:

• Oversee and conduct application security penetration tests to identify vulnerabilities and ensure compliance with security standards.
• Plan and execute red team engagements to simulate advanced persistent threats and improve our defensive capabilities.
• Operate and enhance our purple team initiatives to integrate offensive and defensive strategies, supporting detection engineering, incident response, and threat hunting.
• Manage our bug bounty program to engage external researchers in identifying vulnerabilities.
• Continue to develop, implement, and refine our custom TTP testing program to evaluate and enhance our security posture.
• Work closely with other cybersecurity teams, IT, and business units to align security efforts with organizational goals.
• Accountable for a full range of manager responsibilities including communication, coaching, mentoring and staff development, performance management, salary administration, and staffing decisions. Participant in functional management to ensure optimum effectiveness and quality by managing adherence to strategies, goals, budgets, operating policies, and procedures as an NM frontline manager. Alignment of roles and responsibilities in decision-making.
• Accountable for translating the departmental strategy to cybersecurity operational objectives including both systems and processes. Drives for results through others to include:
  
  • Integrating and designing measurement systems, targets, and specific initiatives in support of the various strategies
  • Directing teams and individuals to ensure business outcomes are achieved
  • Identifying and cultivating relationships with key stakeholders representing a broad range of functions and levels to ensure alignment with departmental and enterprise business strategies
• Accountable for an effective and efficient business unit designed and maintained to support the business outcomes. Responsible for the integration of:
  
  • Organization/department design and structure
  • Workforce management (forecasting, obtaining, developing, and assigning the right resources)
  • Effective and efficient internal workflow and processes
  • Information and knowledge flows throughout the business unit and out to the organization through both formal and informal exchanges
• Accountable for providing guidance and escalation avenues for the business unit based on understanding the business values, goals, work processes, and workflows
• Responsible for counseling the enterprise on interpreting and integrating cybersecurity support departmental and corporate strategies
• Accountable for evaluation, review, and approval of risk assessment and risk management strategies and processes to establish a foundation for appropriately managing systems and data risks.

Qualifications:

• Bachelor's degree with an emphasis in Computer Science, Computer Engineering, Software Engineering, MIS, or a related field; or related work experience beyond the minimum required.
• One or more advanced risk or security certifications (e.g., CISSP, CRISC, CISA, CISM, CCSP).
• Experience in penetration testing and offensive security programs.
• Experience with Python development, especially in security automation or in aiding penetration testing.
• Proficiency in various security tools and frameworks (e.g., Metasploit, Burp Suite, Cobalt Strike)
• Strong knowledge of MITRE ATT&CK and how it should be leveraged within an organization.
• 9-14 years experience
• Minimum of nine total year's relevant experience to include a minimum of two or more years of experience in information systems or systems audit plus a minimum of five years experience in planning, organizing, and managing the activities of others as direct reports and/or project teams.
• Proven people management skills including human relations and interpersonal skills necessary to manage a group of people.
• Thorough knowledge of human resources operating policies.
• Proven ability to build effective teams committed to organizational goals.
• Foster collaboration among team members and across teams
• Demonstrated ability to step forward to address difficult issues.
• Ability to influence others through a combination of active listening, asserting own ideas, and persuading others
• Proven analytical skills especially in decision-making and problem-solving
• Proven ability to manage multiple priorities and the ability to handle ambiguity
• Proven ability to cultivate relationships and counsel key business partners within all levels of the organization

Preferred Qualifications:

• Experience with managing teams in an Agile environment

Our Benefits!

• Tons of room for career growth.
• We offer highly competitive compensation, including annual bonus opportunities
• Medical/Dental/Vision plans, 401(k), pension program
• We provide tuition reimbursement, PTO, and Holiday Pay
• We provide extensive Professional Training Opportunities
• We offer an excellent Work/Life Balance

#LI-Remote
Compensation Range:
Pay Range - Start:
$133,140.00
Pay Range - End:
$247,260.00
Northwestern Mutual pays on a geographic-specific salary structure and placement in the salary range for this position will be determined by a number of factors including the skills, education, training, credentials and experience of the candidate; the scope, complexity as well as the cost of labor in the market; and other conditions of employment. At Northwestern Mutual, it is not typical for an in dividual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Please note that the salary range listed in the posting is the standard pay structure. Positions in certain locations (such as California) may provide an increase on the standard pay structure based on the location. Please click here for additiona l information relating to location-based pay structures.
Job Posting End Date:
10/31/2024
The timeline for this job posting may be shortened or extended based on organizational needs
Grow your career with a best-in-class company that puts our client's interests at the center of all we do. Get started now!
We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.
If you work or would be working in California, Colorado, New York City, Washington or outside of a Corporate location, please click here for information pertaining to compensation and benefits.
FIND YOUR FUTURE
We're excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.

• Flexible work schedules
• Concierge service
• Comprehensive benefits
• Employee resource groups