Assistant Vice President Cybersecurity - Offensive Security Lead jobs in United States
cer-icon
Apply on Employer Site
company-logo

EXL · 1 hour ago

Assistant Vice President Cybersecurity - Offensive Security Lead

positionJersey City, NJ
timeFull-time
remoteHybrid
senioritySenior Level, Lead/Staff
money$125K/yr - $155K/yr
date8+ years exp

EXL is a leading operations management and analytics company that helps businesses enhance growth and profitability. The AVP Cybersecurity - Offensive Security Lead is responsible for assessing and challenging the security posture across various products and services, conducting red team operations, and advocating for cybersecurity best practices.

AnalyticsBankingOutsourcing
check
H1B Sponsor Likelynote

Responsibilities

Conduct red team operations by serving either the red team lead or the secondary operator on engagements
Conduct offensive security engagements, including Red Team operations, threat-based evaluations, and vulnerability research and exploitation against both internal and external facing systems
Design, scope, and lead complex technical assessments, Purple Team Engagements, and other security initiatives to test attack detection and prevention effectiveness
Automate portions of assessments, scoping, or other offensive security work to inform and drive our engagement
Incorporate Threat Intelligence research to track APT trends and help partners test their environments against new and emerging threats
Collaborate with cross-functional teams, including Incident Response, Product Security, and other security partners, to align remediation efforts and drive fixes after testing cycle
Develop and maintain relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
Influence and align the team’s strategy, and collaboratively prioritize and deliver specific multi-year roadmaps and projects
Leverage deep technical expertise in operating systems, network architecture, and infrastructure fundamentals to execute sophisticated attack chains and navigate complex enterprise environments during red team operations
Pioneer cutting-edge offensive security capabilities in coordination with our dedicated malware and capability developers by researching, developing, and operationalizing innovative techniques, proprietary tools, and advanced methodologies that push the boundaries of adversarial simulation and red team effectiveness
Offer mentorship or coaching to growing team members, while sharing knowledge externally through blogs, webinar presentations, or presenting at conferences
Collaborate with cross-functional teams on key activities, including scoping initiatives, providing subject matter expertise in high-stakes sales presentations, and contributing strategic technical insights to marketing campaigns that showcase our capabilities
Help define, document, and continuously refine internal technical processes, service methodologies, and tactical procedures (TTPs) that standardize excellence across all engagements
Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations

Qualification

Red Team OperationsPenetration TestingMITRE ATT&CK FrameworkCloud PlatformsVulnerability ResearchCyber Risk AssessmentsWindows Active DirectoryOffensive Security ToolsCommunicatorAgile EnvironmentPrivacy Best PracticesCollaborative

Required

Bachelor's degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience
8+ years of work experience performing adversarial simulation related engagements, with overall experience of 10-15 years
Recognized Red Team or Penetration testing specific qualifications such as CCSAS, CCSAM, CRTO, OSED, OSCE (GXPN, GPEN, OSCP, GWAPT or similar certifications may also be considered)
Working knowledge of Windows, Linux and MacOS operating systems
Extensive understanding of the MITRE ATT&CK framework, OWASP Top 10, and other security frameworks
Expertise in Windows Active Directory exploitation and lateral movement
Working knowledge of “cloud” platforms (AWS/Azure/GCP and O365/Google Workspace) and container technologies (Kubernetes/Docker)
Able to conduct cyber risk assessments using frameworks or standards like NIST CSF, ISO 27001/2, PCI, CIS Top 20, CMMC, or other industry measurement tools
Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weaknesses after receiving permission from client stakeholder
Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
Familiarity with offensive tools, based on applicable skillset
Deep technical familiarity with offensive and defensive IT concepts and protocols
Research and evaluate emerging privacy technologies from academia and industry, contributing to open-source tools and AI privacy standards
Act as consultant and advocate for privacy best practices as central to our mission of Responsible AI

Preferred

Strong communicator with the ability to positively influence engineers, developers, architects, and business leaders alike
Thoughtful, pragmatic, and able to execute in a high-velocity, agile environment
Deeply collaborative and experienced at embedding security into developer culture
Track record of reducing risk without slowing down innovation
Being articulate and precise to the internal stakeholders who are seeking counsel on what are the risks, why are they impactful, and options on how to resolve them
Broad knowledge across the Security domain, as well as demonstrated focus in AI security evaluations and in one (or more) areas of Cybersecurity such as Red Teaming, Purple Teaming, Vulnerability Research, and Exploitation
Master's degree (or foreign degree equivalent) in Information Systems Engineering, Computer Science, Engineering, Information Security, Cyber Security, Information Assurance, or related field

Company

EXL

twittertwittertwitter
company-logo
EXL is a provider of Transformation and Outsourcing services to Global 1000 companies in multiple industries
dateFounded in 1999
location
New York, New York, USA
people-size10001+ employees
web-link
http://www.exlservice.com

H1B Sponsorship

EXL has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1)
2020 (1)

Funding

Current Stage
Public Company
Total Funding
$150M
Key Investors
The Orogen GroupFTV Capital
2018-10-02Post Ipo Debt· $150M
2006-10-20IPO
2004-12-01Series Unknown

Leadership Team

leader-logo
Rohit Kapoor
Chairman & Chief Executive Officer
linkedin
leader-logo
Brad Burdick
SVP, Insurance Domain Platforms
linkedin

Recent News

GlobeNewswire
EXL named a Leader in five quadrants in ISG Provider Lens™ Insurance Services Global Report
2026-01-13
MarketScreener
EXL promotes seasoned insurance executive Raghav Jaggi
2025-12-24
SalesTech Star
EXL Promotes Seasoned Insurance Executive Raghav Jaggi
2025-12-24
Company data provided by crunchbase