Head of Cybersecurity Assurance Testing
Guardian
Job Summary
The Head of Cybersecurity Assurance Testing is a leadership and hands-on role responsible for Guardian's application security testing, ethical hacking, and third-party testing programs. This role involves managing and developing staff, planning and executing red team missions, coordinating penetration testing, and driving collaborative purple teaming. The individual will oversee two US FTEs and collaborate with India counterparts, cyber defense, and application owners to ensure offensive security efforts are risk-aligned and reduce risk. The role focuses on program leadership, cross-functional collaboration, people development, strategic partnerships, innovation, and governance.
Must Have
- Develop and own the roadmap, backlog, and quarterly planning for Application Security, Red, and Purple Teaming.
- Lead red team missions, application security tests, and coordinate third-party adversarial exercises.
- Ensure team performance, resource planning, and program outcomes.
- Plan, execute, and report on Purple Team exercises.
- Partner with Cyber Defense to improve detection, response, and resilience.
- Manage, coach, and develop engineers; set goals, provide feedback, support growth, and aid with career development planning.
- Partner with application owners, global teams, and security stakeholders to focus on high-risk areas and close findings.
- Introduce new offensive/Application Security technologies, methodologies, and automation.
- Define, track, and report KPIs for coverage, risk reduction, remediation, and automation.
- 5+ years in offensive security, ethical hacking, or application security leadership roles.
- Hands-on experience planning and conducting penetration tests, red team operations, application security testing, and purple team exercises.
- Experience managing technical teams and delivering results through others.
- Proficiency with industry-leading tools (Burp, ZAP, Cobalt Strike, etc.) and automation frameworks.
- Strong understanding of secure SDLC, threat modeling, adversarial simulation, and CI/CD security integration.
- Excellent communication and stakeholder management skills.
- Bachelor’s degree in cybersecurity or related field, or equivalent certifications (OSCP, OSWE, GWAPT, CISM, etc.).
- Demonstrated ability to drive urgent response, automate manual processes, and ensure closure of findings.
Good to Have
- Experience in financial services or large enterprise environments.
- Familiarity with automation frameworks and AI-driven security testing.
- Exposure to cloud security and containerized application testing.
- Experience leading global teams.
Perks & Benefits
- Support and flexibility to achieve professional and personal goals.
- Skill-building opportunities.
- Leadership development opportunities.
- Philanthropic opportunities.
- Opportunities to build communities.
- Contemporary, supportive, flexible, and inclusive benefits and resources.
Job Description
The Head of Cybersecurity Assurance Testing is a people manager and hands-on role accountable for the performance, evolution, and measurable outcomes of Guardian’s application security testing, ethical hacking/“red team” programs, and third-party testing exercises. This role will deliver results through team leadership, tactical planning, hands-on testing, peer collaboration, and program ownership. This role is responsible for managing and developing staff, planning and conducting red team missions, coordinating penetration testing and third-party adversarial exercises, and driving collaborative purple teaming by planning and executing head-to-head exercises with the blue team. The role oversees two US FTEs and works closely with India counterparts, cyber defense stakeholders, and application owners to ensure offensive security efforts are risk-aligned, actionable, and drive meaningful risk reduction.
Locations: On-site at Hudson Yards, NY or Bethlehem, PA office avg. 3 days per week
Key Responsibilities
Program Leadership & Accountability
- Develop and own the roadmap, backlog, and quarterly planning for Application Security, Red, and Purple Teaming.
- Lead red team missions, application security tests, and coordinate third-party adversarial exercises.
- Ensure team performance, resource planning, and program outcomes; deliver results directly and through others.
- Oversee project delivery and capability expansion.
Cross-Functional Collaboration
- Plan, execute, and report on Purple Team (offense/defense) exercises.
- Partner with Cyber Defense to improve detection, response, and resilience.
- Deliver actionable readouts and lessons learned to all stakeholders.
- Align with Vulnerability and Threat specialists, stakeholders, and Peer teams for future red team planning.
People Leadership & Team Development
- Manage, coach, and develop engineers; set goals, provide feedback, support growth, and aid with career development planning. Include diverse learning in plans, from conferences to hands-on learning and capture-the-flag exercises, to additional learning activities and certifications.
- Foster a high-performance, accountable, and innovative culture.
- Ensure optimal resource utilization and allocation.
Strategic Collaboration
- Partner with application owners, global teams, and security stakeholders to focus on high-risk areas and close findings.
- Translate findings to meaningful insights and recommend defense improvements.
- Influence offensive/application security testing standards and other policies and standards based on findings.
Innovation & Continuous Improvement
- Introduce new offensive/Application Security technologies, methodologies, and automation (including A.I.).
- Integrate security validation into CI/CD; promote automated testing.
- Encourage continuous improvement and experimentation.
Governance & Reporting
- Define, track, and report KPIs for coverage, risk reduction, remediation, and automation.
- Deliver executive-ready reports translating technical findings to business risk.
- Publish KPIs and ensure timely remediation or risk acceptance of findings.
Required Qualifications
- 5+ years in offensive security, ethical hacking, or application security leadership roles.
- Hands-on experience planning and conducting penetration tests, red team operations, application security testing, and purple team exercises.
- Experience managing technical teams and delivering results through others.
- Proficiency with industry-leading tools (Burp, ZAP, Cobalt Strike, etc.) and automation frameworks.
- Strong understanding of secure SDLC, threat modeling, adversarial simulation, and CI/CD security integration.
- Excellent communication and stakeholder management skills.
- Bachelor’s degree in cybersecurity or related field, or equivalent certifications (OSCP, OSWE, GWAPT, CISM, etc.).
- Demonstrated ability to drive urgent response, automate manual processes, and ensure closure of findings.
Preferred Qualifications
- Experience in financial services or large enterprise environments.
- Familiarity with automation frameworks and AI-driven security testing.
- Exposure to cloud security and containerized application testing.
- Experience leading global teams.
Location
- Three days a week at our Guardian office in New York, NY or Bethlehem, PA
Salary Range:
$118,980.00 - $195,465.00
The salary range reflected above is a good faith estimate of base pay for the primary location of the position. The salary for this position ultimately will be determined based on the education, experience, knowledge, and abilities of the successful candidate. In addition to salary, this role may also be eligible for annual, sales, or other incentive compensation.
Our Promise
At Guardian, you’ll have the support and flexibility to achieve your professional and personal goals. Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards.
Inspire Well-Being
As part of Guardian’s Purpose – to inspire well-being – we are committed to offering contemporary, supportive, flexible, and inclusive benefits and resources to our colleagues. Explore our company benefits at www.guardianlife.com/careers/corporate/benefits.
Equal Employment Opportunity
Guardian is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law.
Accommodations
Guardian is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. Guardian also provides reasonable accommodations to qualified job applicants (and employees) to accommodate the individual's known limitations related to pregnancy, childbirth, or related medical conditions, unless doing so would create an undue hardship. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact MyHR@glic.com. Please note: this resource is for accommodation requests only. For all other inquiries related to your application and careers at Guardian, refer to the Guardian Careers site.
Visa Sponsorship
Guardian is not currently or in the foreseeable future sponsoring employment visas. In order to be a successful applicant, you must be legally authorized to work in the United States, without the need for employer sponsorship.
Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday.
About Guardian
Every day, Guardian helps our 29 million customers realize their dreams through a range of insurance and financial products and services. Our Purpose, to inspire well-being, guides our dedication to the colleagues, consumers, and communities we serve. We know that people count, and we go above and beyond to prepare them for the life they want to live, focusing on their overall well-being — mind, body, and wallet. As one of the largest mutual insurance companies, we put our customers first. Behind every bright future is a Guardian™. Learn more about Guardian at guardianlife.com.