Head of Cybersecurity Assurance Testing

Head of Cybersecurity Assurance Testing

The Head of Cybersecurity Assurance Testing is a people manager and hands-on role accountable for the performance, evolution, and measurable outcomes of Guardian’s application security testing, ethical hacking/”red team” programs and third party testing exercises. This role will deliver results through team leadership, tactical planning, hands-on testing, peer collaboration, and program ownership. This role is responsible for managing & developing staff, planning and conducting red team missions, coordinating penetration testing and third-party adversarial exercises, and driving collaborative purple teaming by planning and executing head-to-head exercises with the blue team. The role oversees two US FTEs and works closely with and India counterparts, cyber defense stakeholders, and application owners to ensure offensive security efforts are risk-aligned, actionable, and drive meaningful risk reduction.

Locations: On-site at Hudson Yards, NY or Bethlehem, PA office avg. 3 days per week

Key Responsibilities

Program Leadership & Accountability

• Develop and own the roadmap, backlog, and quarterly planning for Application Security, Red, and Purple Teaming.
• Lead red team missions, application security tests, and coordinate third-party adversarial exercises.
• Ensure team performance, resource planning, and program outcomes; deliver results directly and through others.
• Oversee project delivery and capability expansion.

Cross-Functional Collaboration

• Plan, execute, and report on Purple Team (offense/defense) exercises.
• Partner with Cyber Defense to improve detection, response, and resilience.
• Deliver actionable readouts and lessons learned to all stakeholders.
• Align with Vulnerability and Threat specialists, stakeholders, and Peer teams for future red team planning.

People Leadership & Team Development

• Manage, coach, and develop engineers; set goals, provide feedback, support growth, and aide with career development planning. Include diverse learning in plans from conferences to hands-on learning and capture-the flag exercises, to additional learning activities and certifications.
• Foster a high-performance, accountable, and innovative culture.
• Ensure optimal resource utilization and allocation.

Strategic Collaboration

• Partner with application owners, global teams, and security stakeholders to focus on high-risk areas and close findings.
• Translate findings to meaningful insights and recommend defense improvements.
• Influence offensive/application security testing standards and other policies and standards based on findings.

Innovation & Continuous Improvement

• Introduce new offensive/Application Security technologies, methodologies, and automation (including A.I.).
• Integrate security validation into CI/CD; promote automated testing.
• Encourage continuous improvement and experimentation.

Governance & Reporting

• Define, track, and report KPIs for coverage, risk reduction, remediation, and automation.
• Deliver executive-ready reports translating technical findings to business risk.
• Publish KPIs and ensure timely remediation or risk acceptance of findings

Required Qualifications

• 5+ years in offensive security, ethical hacking, or application security leadership roles.
• Hands-on experience planning and conducting penetration tests, red team operations, application security testing, and purple team exercises.
• Experience managing technical teams and delivering results through others.
• Proficiency with industry-leading tools (Burp, ZAP, Cobalt Strike, etc.) and automation frameworks.
• Strong understanding of secure SDLC, threat modeling, adversarial simulation, and CI/CD security integration.
• Excellent communication and stakeholder management skills.
• Bachelor’s degree in cybersecurity or related field, or equivalent certifications (OSCP, OSWE, GWAPT, CISM, etc.).
• Demonstrated ability to drive urgent response, automate manual processes, and ensure closure of findings.

Preferred Qualifications

• Experience in financial services or large enterprise environments.
• Familiarity with automation frameworks and AI-driven security testing.
• Exposure to cloud security and containerized application testing.
• Experience leading global teams.

Location

• Three days a week at our Guardian office in New York, NY or Bethlehem, PA

Salary Range:

The salary range reflected above is a good faith estimate of base pay for the primary location of the position. The salary for this position ultimately will be determined based on the education, experience, knowledge, and abilities of the successful candidate. In addition to salary, this role may also be eligible for annual, sales, or other incentive compensation.

Our Promise

At Guardian, you’ll have the support and flexibility to achieve your professional and personal goals.  Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards.

Inspire Well-Being

As part of Guardian’s Purpose – to inspire well-being – we are committed to offering contemporary, supportive, flexible, and inclusive benefits and resources to our colleagues. Explore our company benefits at www.guardianlife.com/careers/corporate/benefits. Benefits apply to full-time eligible employees. Interns are not eligible for most Company benefits.

Equal Employment Opportunity

Guardian is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law.

Accommodations

Guardian is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. Guardian also provides reasonable accommodations to qualified job applicants (and employees) to accommodate the individual's known limitations related to pregnancy, childbirth, or related medical conditions, unless doing so would create an undue hardship. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact [email protected]. Please note: this resource is for accommodation requests only. For all other inquires related to your application and careers at Guardian, refer to the Guardian Careers site.

Visa Sponsorship

Guardian is not currently or in the foreseeable future sponsoring employment visas. In order to be a successful applicant. you must be legally authorized to work in the United States, without the need for employer sponsorship.

Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday.