Description
About the Role
We are looking for a visionary Senior Director to lead our Offensive Security Penetration Testing team, scaling and maturing a focused offensive security organization dedicated to deep application level penetration testing and advanced AI/ML exploitation across our products and platforms.
This role includes both executive leadership and a strong technical knowledge. You will own strategy, prioritization, resourcing, quality, and outcomes, ensuring penetration testing efforts reduce critical/systemic risk and directly influence our product, features and platform security decisions.
Leadership & Management Responsibilities
Strategic Ownership & Vision
Own the long-term vision and roadmap for penetration testing, aligned with company risk priorities and product strategy.
Define success metrics such as risk reduction, systemic issue elimination, pre-GA coverage, and remediation quality.
Balance hands-on technical depth with strategic delegation to enable scale.
Team Leadership & Development
Build, lead, and retain a high-performing team of senior penetration testers.
Define role expectations, leveling, and career progression across IC and leadership paths.
Coach and develop senior technical leaders and foster a culture of technical excellence, accountability, and impact.
Program & Portfolio Management
Own prioritization across penetration testing efforts, balancing depth, coverage, and timing based on risk and business needs.
Ensure consistent execution and high quality outcomes while enabling deep, research-driven work where it delivers the most value.
Align testing efforts with major product launches, architectural changes, and AI feature rollouts.
Executive Communication & Influence
Serve as the executive authority on OffSec penetration testing.
Communicate clearly with senior leadership on high-risk findings, systemic exposure, trends, and investment needs.
Translate technical risk into business-relevant narratives that drive decisions.
Budget, Hiring & Governance
Own headcount planning, hiring strategy, budget, and selective use of external vendors.
Establish standards for engagement scoping, reporting quality, and fix validation.
Ensure findings result in real remediation by tracking progress and escalating stalled or systemic risks.
Required Qualifications
12+ years of experience in offensive security or vulnerability research, including leadership of senior technical teams or functions.
Proven track record of building, scaling, and leading high-impact security organizations.
Strong ability to set strategy, prioritize risk, and drive measurable outcomes across multiple products or platforms.
Experience operating at the Director or Senior Director level, influencing engineering leadership and executive decision-making.
Excellent people leadership skills, including hiring, developing senior leaders, and performance management.
Ability to translate complex security risk into clear, business-relevant guidance for executive stakeholders.
Deep expertise in Offensive Security, Pen Test/Red Team with a strong attacker mindset.
Proven personal experience executing high Impact Pentesting engagements.
Preferred Qualifications
Experience leading an Offensive Security team in large-scale or fast-moving environments such as Pentest/RedTeam/Research.
Track record of influencing secure-by-design decisions at the platform or architecture level.
Security research publications, talks, or tooling contributions demonstrating technical and organizational impact.
Research & Disclosure and Track record of discovering and responsibly disclosing security vulnerabilities through CVEs, Publications, Blogs or event Talks/Presentations
For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.