Principal, Offensive Cyber Operations (Penetration Testing)

At Fortalice, we believe in building a culture where purpose drives performance. Our team is made up of passionate cybersecurity professionals who are committed to protecting national interests through innovation, integrity, and continuous learning. Job Summary Join our mission-driven team as a Principal, Offensive Cyber Operations (Penetration Testing), and lead the charge in simulating advanced cyber threats against high-value environments. In this technical leadership role, you will mentor a team of penetration testers, drive the quality and effectiveness of offensive operations, and shape Fortalices red and purple team capabilities. Reporting to the Director of Offensive Cyber Operations (OCO), you will balance hands-on technical testing with strategic guidance, ensuring engagements are executed with excellence from planning through reporting. You will partner closely with clients—commercial and government—to understand their mission, emulate modern adversary tactics, techniques, and procedures (TTPs), and deliver actionable insights that materially improve their security posture. This role is ideal for a seasoned offensive security professional who excels at leading through influence, is passionate about developing others, and is committed to advancing Fortalices offensive cyber strategy and capabilities.

Responsibilities

Supervisory & Leadership Duties

• Ensure all team members follow Fortalice policies and procedures
• Coach and mentor subordinates to strengthen working relationships and skill development
• Identify skill gaps and recommend appropriate training
• Ensure team meets/exceeds goals and maintains "Fortalice way" standards:
• Sustaining effective client communication
• Completing work on time with expected quality
• Reinforcing company standards
• Manage subordinate PTO requests and workload allocation
• Participate in recruiting and assist with onboarding

Primary Technical Responsibilities

• Provide technical mentorship to penetration test engineers
• Oversee penetration test projects through technical and project management lifecycles
• Maintain and enhance internal testing infrastructure
• Lead development of Red and Purple Team capabilities and operations strategy
• Deliver penetration testing solutions using modern attacker tools, techniques, and procedures (TTPs)
• Produce and lead development of reports and briefings for senior client executives

Client & Strategic Leadership

• Communicate with commercial and government client contacts on ongoing projects and new assessments
• Serve as thought leader in Offensive Cyber Operations for Fortalice
• Work with key partners to develop strategic direction for policies, processes, and capabilities
• Assist with internal resourcing for commercial and government projects
• Support proposal process: participate in client meetings, create marketing content, prepare levels of effort (LOEs)
• Keep abreast of cybersecurity trends and competitive landscape
• Assist with security clearance paperwork for engineers
• Coordinate with subcontractors on required paperwork
• Recommend new procedures and policies
• Assist with business development calls for commercial work
• Ensure offensive security team continuously expands knowledge in cyber security practices

Work Environment

• Must be located within 25 miles of Charlotte, NC or Washington, DC
• Hybrid role with in-office expectation of 1-3 days per week
• Occasional travel to client sites may be required
• Primarily sedentary role with occasional light lifting (up to 10 pounds)
• Routinely uses standard office equipment such as computers, printers, phones, etc.

Qualifications

• US Citizenship required
• Active US government security clearance preferred
• Masters degree in cybersecurity or a related field and four (4) years of relevant experience OR a bachelors degree in cybersecurity or a related field and six (6) years of relevant experience OR high school diploma and eight (8) years of relevant experience.
• One of the following certifications preferred: GIAC Penetration Tester (GPEN), GIAC Experienced Penetration Tester (GX-PT), GIAC Cloud Penetration Test (GCPN), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), Offensive Security Certified Profession (OSCP), or equivalent.
• Expert ability to independently complete highly complex tasks with minimal supervision.
• Demonstrated detail-oriented self-starter with the ability to work in collaborative team environments.
• Strong ability to manage varying priorities and complex projects simultaneously.
• Advanced written and oral communication skills (both internal and client-facing).
• Advanced experience with a variety of offensive tools, including Certipy, Bloodhound, Azurehound, Metasploit, Burp Suite, Kali Linux, Nessus, etc.

Benefits

At Fortalice, we are committed to supporting your well-being, professional growth, and long-term success. Our comprehensive benefits package is designed to provide financial security, health coverage, and peace of mind—so you can focus on doing your best work.

• 401(k) Plan with Company Match: We match your contributions 100% of the first 3% and 50% of the next 2%, helping you build a secure financial future.
• Generous Paid Time Off: Enjoy paid vacation and sick leave to recharge, maintain work-life balance, and prioritize your health.
• Fully Paid Medical, Dental, and Vision Premiums: Comprehensive health coverage for you, with affordable discounts available for family members.
• Health Savings Account (HSA) Contributions: We contribute to your HSA to help offset deductible costs and support long-term health savings.
• Supplemental Benefits: Access to additional benefits including life insurance, disability coverage, employee assistance programs (EAP), and wellness initiatives.

We invest in your success—because when you thrive, so does our mission. Apply tot his job Apply To this Job