Offensive Cyber Security Director

London, United Kingdom Posted on 10/09/2025

We are seeking a highly experienced Offensive Cyber Security Director to lead and expand our client's offensive security capability. The successful candidate will be responsible for building strategy, overseeing red team and penetration testing operations, and providing executive-level insight into adversarial threats. This role requires a visionary leader with both hands on technical depth and proven strategic leadership experience in offensive cyber security.

Key Responsibilities

• Lead and manage the offensive security function, including red teaming, adversary simulation, penetration testing, and threat emulation.
• Define and deliver the offensive security strategy aligned to enterprise risk and business objectives.
• Oversee the planning and execution of red team exercises, purple team engagements, and advanced penetration testing across applications, infrastructure, and cloud environments.
• Develop and mentor a team of elite security testers, fostering innovation and continuous improvement.
• Provide executive reporting and board-level briefings on offensive security posture, findings, and risk impact.
• Ensure adherence to compliance requirements and industry frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001).
• Partner with defensive security, SOC, and threat intelligence teams to improve detection and resilience based on offensive findings.
• Act as a trusted advisor to senior leadership on emerging threats, zero day vulnerabilities, and adversary tactics.
• Manage vendor relationships, third party red team providers, and tooling procurement.

Required Skills & Experience

• Proven experience in leadership roles within offensive cyber security, red teaming, or advanced penetration testing.
• Strong technical expertise in: Network, application, and cloud penetration testing.
• Adversary emulation and red team methodology.
• Exploit development and advanced attack tooling.
• Deep understanding of threat actors, TTPs, and APT methodologies.
• Hands on knowledge of security testing tools and frameworks (e.g., Cobalt Strike, Metasploit, Burp Suite, custom tooling).
• Excellent ability to translate complex offensive findings into business risk language for executives.
• Experience managing multi disciplinary cyber security teams across geographies.
• Track record of influencing at senior leadership and board level.

Desirable Qualifications

• Degree in Cyber Security, Computer Science, or related field (or equivalent experience).
• Advanced industry certifications such as: OSCE, OSEE, GXPN, CREST CCT (Red Team), CCSAS, CISSP.
• Experience in regulated sectors (finance, critical infrastructure, defense) where offensive security is critical.
• Exposure to threat hunting, incident response, and purple teaming.

Personal Attributes

• Visionary leader with the ability to shape and grow an offensive security practice.
• Strong communicator able to influence both technical experts and board executives.
• High integrity with a strong sense of responsibility and confidentiality.
• Passionate about innovation, research, and staying ahead of adversaries.