Type: Full Time
Location: Bethlehem, PA (Hybrid - 3 days onsite)
The Lead, Cyber Security Assurance Testing is a working lead / “player coach role” within client company's Cybersecurity Assurance organization. This role includes formal people management responsibility for a small number of senior engineers, with a focus on operational and tactical planning, execution, and reporting, contributing to strategic planning, and is accountable for project and program outcomes.
The role is structured roughly as:
- 60% leadership, coordination, and program execution
- 40% hands-on technical contribution and research
This position leads through influence, technical credibility, and ownership. It is designed for an experienced security professional who demonstrates ambition, strong execution discipline, and the potential to grow into broader leadership over time, while remaining close to the work today. The role supports and helps evolve client company's Application Security Testing, Ethical Hacking (Red Team), and Third Party Testing programs, working closely with Cyber Defense, application owners, and client company India Security Assurance.
Key Responsibilities
Lead and coordinate day to day execution of:
- Application Security Testing
- Ethical Hacking / Red Team activities
- Third party penetration testing engagements
- Lead the improvement and evolution of AppSec and Red Team programs, increasing consistency, structure, and measurable outcomes.
- Own and maintain processes, procedures, playbooks, and documentation to ensure clarity, repeatability, and quality.
- Contribute to and execute against program planning artifacts, including roadmaps, backlogs, and quarterly and annual goals.
- Coordinate work across US- and India-based assurance staff and third-party testing vendors.
- Remain actively involved in application security testing and ethical hacking, providing technical guidance and quality assurance
- Targeted application security testing
- Rating and validation of high-risk or high-impact findings
- Red team or adversarial exercises where appropriate
- Support security product evaluation, selection, proof of concepts, and implementation, ensuring tools are operationalized effectively.
- Communicate technical findings clearly and simply to non technical stakeholders.
- Translate testing results into risk based, actionable insights.
- Collaborate closely with Cyber Defense, application teams, and security stakeholders to ensure testing results lead to defensive improvements and remediation.
- 5+ years of experience in application security testing, ethical hacking, or offensive security, with demonstrated leadership responsibility.
- Strong understanding of:
- Application security testing techniques
- Penetration testing vs. red team objectives
- Secure SDLC and risk-based testing
- Hands on technical experience validating vulnerabilities and testing application security controls.
- Experience improving or evolving existing security programs, rather than only building from scratch.
- Strong process orientation with proven ability to create practical, lightweight documentation.
- Excellent communication skills with the ability to explain technical concepts in simple, business relevant terms.
- Demonstrated ambition and intent to grow into broader leadership scope over time.
- Bachelor’s degree in a related field or equivalent experience/certifications.
- Experience in financial services or other large, regulated enterprise environments.
- Exposure to cloud native application security and modern CI/CD environments.
- Experience working with globally distributed teams (e.g., US and India).
- Familiarity with AppSec and Offensive Security tools.
Estimated Min Rate: $126000.00
Estimated Max Rate: $180000.00
What’s In It for You?
We welcome you to be a part of one of the largest and legendary global staffing companies to meet your career aspirations. Yoh’s network of client companies has been employing professionals like you for over 65 years in the U.S., UK and Canada. Join Yoh’s extensive talent community that will provide you with access to Yoh’s vast network of opportunities and gain access to this exclusive opportunity available to you. Benefit eligibility is in accordance with applicable laws and client requirements. Benefits include:
- Medical, Prescription, Dental & Vision Benefits (for employees working 20+ hours per week)
- Health Savings Account (HSA) (for employees working 20+ hours per week)
- Life & Disability Insurance (for employees working 20+ hours per week)
- MetLife Voluntary Benefits
- Employee Assistance Program (EAP)
- 401K Retirement Savings Plan
- Direct Deposit & weekly epayroll
- Referral Bonus Programs
- Certification and training opportunities
Note: Any pay ranges displayed are estimations. Actual pay is determined by an applicant's experience, technical expertise, and other qualifications as listed in the job description. All qualified applicants are welcome to apply.
Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Visit https://www.yoh.com/applicants-with-disabilities to contact us if you are an individual with a disability and require accommodation in the application process.
For California applicants, qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. All of the material job duties described in this posting are job duties for which a criminal history may have a direct, adverse, and negative relationship potentially resulting in the withdrawal of a conditional offer of employment.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
By applying and submitting your resume, you authorize Yoh to review and reformat your resume to meet Yoh’s hiring clients’ preferences. To learn more about Yoh’s privacy practices, please see our Candidate Privacy Notice: https://www.yoh.com/privacy-notice

