SecJobs
RoleSuite
CompaniesRemoteAboutMethodologyContactPrivacy
Updated 2026-07-04 15:00 UTC·© 2025–2026 RoleSuite
← Back to listings

Director, Offensive Security

Jobgether · Canada

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Director, Offensive Security based in Canada.

This leadership role sits at the core of a modern, security-driven SaaS organization, responsible for shaping and scaling offensive security across cloud, application, and AI-enabled environments. You will lead a high-impact function focused on identifying real-world attack paths, validating controls, and reducing enterprise risk through proactive security testing. The role blends deep hands-on offensive security expertise with strategic program ownership, influencing how security is embedded across engineering and product teams. You will oversee penetration testing, red teaming, vulnerability management, and emerging AI security validation efforts. Working cross-functionally with engineering, product, compliance, and legal stakeholders, you will translate technical findings into actionable business risk insights. This is a highly visible leadership position with direct impact on product security maturity and organizational resilience.

Accountabilities

You will define and lead the offensive security vision while driving hands-on execution across testing, validation, and vulnerability management programs:

  • Lead the offensive security strategy, roadmap, and execution across applications, cloud infrastructure, APIs, and AI-enabled systems.
  • Oversee penetration testing, red teaming, purple teaming, and adversary simulation exercises.
  • Manage internal and external security testing efforts, including vendors and specialized offensive security partners.
  • Drive continuous attack surface management and security validation across evolving environments.
  • Build and scale AI security testing and red teaming practices for LLMs and agent-based systems.
  • Own vulnerability management lifecycle including triage, prioritization, remediation tracking, and retesting.
  • Partner with engineering teams to embed secure development practices and risk-based remediation approaches.
  • Develop metrics, reporting frameworks, and standards to measure security effectiveness and risk reduction.
  • Collaborate with senior leadership across engineering, product, security, compliance, and legal to communicate risk and recommendations.
  • Requirements

    This role requires deep offensive security expertise combined with leadership experience in complex SaaS or cloud environments:

    • 10+ years of experience in Information Security, including significant offensive security leadership.
    • 5+ years of hands-on offensive security experience (penetration testing, red teaming, vulnerability research).
    • 3+ years of experience in engineering or software development environments.
    • Strong expertise in application security, cloud security, APIs, containers, and modern software architectures.
    • Proven experience leading offensive security programs in SaaS or cloud-native organizations.
    • Hands-on knowledge of AI/LLM security testing, including adversarial evaluation of AI systems.
    • Strong ability to translate technical vulnerabilities into business risk and executive-level insights.
    • Experience working with vulnerability management and security validation at scale.
    • Excellent communication, leadership, and stakeholder influence skills.
    • Relevant certifications such as OSCP, OSWE, GXPN, GPEN, CISSP, or CCSP are considered strong assets.
    • Benefits

      • Competitive CAD base salary aligned with experience and market benchmarks.
      • Performance-based bonus and comprehensive compensation package.
      • Fully remote or hybrid flexibility depending on location within Canada.
      • Comprehensive health, dental, and vision coverage.
      • Retirement and long-term financial planning support.
      • Paid time off and public holidays for rest and recovery.
      • Volunteer days and dedicated learning/innovation time.
      • Tuition assistance and professional development support.
      • Strong focus on flexibility, autonomy, and continuous learning.

Security pay context

Based on 1,615 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $178K (10th–90th percentile: $95K–$215K).

See the full Security salary breakdown →
Apply →

Other roles at Jobgether

  • AI/ML Research EngineerUK
  • AI/ML Research EngineerBrazil
  • AI/ML Research EngineerIndia
  • Dynamics 365 CE Field Service Consultant/ArchitectNetherlands
  • Dynamics 365 CE Field Service Consultant/ArchitectIreland
  • SAP Database EngineerUS
  • Dynamics 365 CE Field Service Consultant/ArchitectSwitzerland
  • Dynamics 365 CE Field Service Consultant/ArchitectFrance
  • Dynamics 365 CE Field Service Consultant/ArchitectGermany
  • Dynamics 365 CE Field Service Consultant/ArchitectSpain

More Security roles

  • Cybersecurity Automation EngineerGeneral Dynamics · USA NC Fort Bragg
  • ICAM Solutions Architect SMEGeneral Dynamics · Any Location / Remote
  • Solution Architect: Operational ResilienceCapco · UK - London
  • Staff Engineer, Security Engineering PartnersTwilio · Remote - Canada
  • Solution Architect – Operational Resilience - 6 Month FTC Capco · UK - London
  • Senior Security Engineer (AI Safety), London or LausanneIsomorphic Labs · Lausanne; London
  • Sr Security Engineer, Incident ResponseDatabricks · Belgium; Finland; Remote - Denmark; Remote - France; Remote - Germany; Remote - Netherlands; Remote - Spain; Remote - Sweden; Remote - United Kingdom; Switzerland
  • Senior GRC AnalystPleo · London
  • Senior GRC AnalystPleo · United Kingdom
  • Product, Application and Offensive Security LeadWPP · United Kingdon