Offensive Security Manager (Penetration Testing | Red Team | Adversary Simulation)

Description du poste:

Location: Leca do Balio, Portugal

About the role
We are seeking an experienced Offensive Security Manager to lead and coordinate penetration testing, red teaming, and adversary simulation activities across the organization. You will manage offensive security operations end-to-end while collaborating closely with Incident Response (DFIR), Threat Hunting, SOC, Threat Intelligence, and Security Leadership to strengthen cyber resilience.

What you'll do

* Lead and manage offensive security engagements: pentests, red team operations, purple team exercises, and security validation.
* Coordinate with DFIR/SOC/Threat Intel/Security Engineering during cyber incidents to provide adversary-focused technical guidance.
* Define and improve methodologies, playbooks, reporting standards, testing procedures, and risk prioritization aligned with enterprise security objectives.
* Translate technical findings into clear, actionable recommendations for engineering teams and executive-level reporting.
* Mentor and develop offensive security professionals; ensure quality delivery, stakeholder alignment, and continuous improvement.
* Own planning and governance: scope definition, timelines, communication, and delivery assurance for complex assessments.
What you bring
Required
* 7+ years in offensive security (pentesting/red teaming/adversary emulation) with demonstrable leadership experience.
* Strong hands-on background in:
* Web/API, infrastructure & cloud testing
* Threat emulation / adversary simulation
* Security validation and control testing
* Ability to collaborate effectively with IR/DFIR, SOC, Threat Hunting, TI and senior stakeholders.
* Strong reporting & communication skills: able to explain risk, impact, and remediation to technical and non-technical audiences.
* English level C1.
Nice to have
* Experience running purple team programs and security control validation frameworks.
* Experience supporting high-profile investigations and post-incident technical analysis.
* Exposure to cloud offensive security, mobile, OT/IoT, or social engineering (as applicable).
Certifications (preferred)
* Offensive Security: OSEP, OSCE3
* SANS: GXPN, GMON, GCFA
* CREST: CCSAM / CCTIM
* Governance/Leadership: ISACA CISM, ISC2 CISSP
* Microsoft: SC-100
* Altered Security: CRTE / CARTP
What we offer
* Competitive compensation package (base + variable) and benefits.
* A role with real impact on enterprise security posture and cyber resilience.
* Continuous learning environment (certifications, trainings, knowledge sharing).
* Collaboration with senior security stakeholders and cross-functional teams.
* Flexible working model (depending on local policy) + medium travel.

YOUR CAREER AT THALES

Future opportunities will allow you to discover other domains or sites. You will be able to evolve and grow your competences in different areas:

Room and attention to personal development
Build your talents in another domain of Thales Group, discovering new products, new customers, new country or go to a more complex Solution
Choose between a technical expertise or a leadership path
Build an international career within a leading Engineering Group