Full Description

CBTS serves enterprise and midmarket clients in all industries across the United States and Canada. CBTS combines deep technical expertise with a full suite of flexible technology solutions--including Application Modernization, Managed Hybrid Cloud, Cybersecurity, Unified Communications, and Infrastructure solutions. From developing and deploying modern applications and the secure, scalable platforms on which they run, to managing, monitoring, and optimizing their operations, CBTS delivers comprehensive technology solutions for its clients' transformative business initiatives. For more information, please visit www.cbts.com.

The Manager – Penetration Testing leads CBTS’s Offensive Security practice, overseeing the delivery of high‑quality penetration tests, red‑team engagements, and threat‑emulation services. This role ensures technical excellence, consistent methodology, team development, and exceptional client value while driving practice growth.

Key Responsibilities

Leadership & Team Management

Lead, coach, and develop a team of penetration testers, red‑team operators, and offensive security consultants. Oversee capacity planning, engagement assignments, and resource utilization to ensure timely delivery. Create a culture of continuous learning, ethical conduct, technical innovation, and operational excellence. Mentor team members through advanced exploitation techniques, reporting best practices, and client communication.

Service Delivery Excellence

Oversee execution of internal/external network penetration tests, application and API testing, cloud testing, wireless assessments, and social engineering. Ensure all engagements follow CBTS playbooks, methodologies, and compliance standards. Review technical findings, reports, and remediation guidance for accuracy, clarity, and completeness. Ensure engagements align with scope, timelines, and client expectations.

Practice & Methodology Development

Maintain and enhance the CBTS offensive security methodology, tooling, and reporting standards. Develop new service offerings, including adversary emulation, purple‑team services, cloud offensive testing, and industrial/OT security (as applicable). Oversee internal R&D to build custom tools, automation, and repeatable frameworks.

Client Engagement & Stakeholder Management

Act as executive‑level escalation point for clients during and after penetration testing engagements. Present findings to technical, security, and C‑suite stakeholders in business‑aligned language. Support the creation of Statements of Work (SOWs), scoping calls, and proposal development in partnership with Solutions Architects and Sales. Build long‑term client relationships and support new and repeat business opportunities.

Quality Assurance & Risk Management

Ensure adherence to legal, ethical, and contractual requirements in all offensive engagements. Manage operational risks, documenting and escalating critical issues appropriately. Maintain high standards for confidentiality, testing authorization, and data handling.