Senior Technical Program Manager (Red Team)

Shift5 is seeking an experienced Senior Technical Program Manager (Red Team) to join our growing team. In this role, your primary goal will be to oversee technical research engineering teams and execute multiple vulnerability research, exploit development, and threat assessment projects in parallel that help both customers and other Shift5 engineers understand exactly how cyber threat actors could attack exotic cyber-physical operational technology (OT) systems on a wide variety of DoD and commercial platforms. You will use your technical knowledge and experience to provide a roadmap for teams assessing and creating cyber threats to platforms like planes, trains, and tanks, then translate those technical findings for customer audiences in presentations and reports. You will also be responsible for the programmatic logistics, deliverables, and administrative overhead of project execution, such as customer interaction, relationship management, intracompany coordination, budget, resourcing, detailed planning, risk management, and anything else that ensures a professional and on-time delivery of Shift5 products.

You will be responsible for helping maintain and build the culture that drives Shift5 Research and ensuring a hacker mindset that keeps engineering dynamic and uncovers every possible threat to a platform with maximum efficiency. You’ll also work closely with our Field and Product Engineering managers to develop better anomaly detection systems by leveraging expertise gained on platforms to recommend product features and enhancements and bring Research prototypes to productization. This position is the heart of execution when it comes to vulnerability research and development at Shift5 and is an immense opportunity to further establish Shift5 as the industry leader in securing cyber-physical systems with clear impacts on the safety of the community. 

We’re looking for someone with an insatiable appetite for learning who frequently explores ways to make the impossible possible. Someone who embraces uncertainty, thrives in the unknown, and views incomplete information as an opportunity. You should have a passion for breaking things, believe no system is impenetrable, and trust we can keep others safe by identifying and overcoming weaknesses in critical systems. You must own what you build and understand the responsibility that comes with building tools that could cause damage to real systems and people’s lives. If this sounds like you, drop us a line because we’d love to start a conversation.

Shift5 is a rapidly growing data and cybersecurity scale-up. We specialize in capturing and analyzing serial bus data in real time, providing anomaly detection and operational intelligence required to act. Our insights provide real-time alerting and historical trends to assure mission readiness and cyber survivability, and our innovative technology enables military systems to deter adversaries, protect warfighters, and maintain their competitive edge. We are a collaborative, passionate and driven cadre of cyber security experts. Our engineers are multidisciplinary, and our team is dynamic. We’re a growing company focused on helping our customer’s fleets run smarter and safer by capitalizing on mountains of data resting right about the wheels. Come join us.

In this role you will be expected to:

• Lead technical teams and provide clear direction and guidance on how to meet project objectives that entail world class vulnerability research and assessments.
• Have outstanding written and spoken communication skills and excel under pressure, be it environmental or situational. 
• Understand and communicate the systems and engineering behind OT platforms to a wide audience, both inside and outside the company.
• Foster and manage successful relationships with senior executive stakeholders/customers, managing expectations, and achieving successful outcomes.
• Make detailed project plans that align with contract requirements.
• Write vulnerability assessment reports, presentations, and other contract deliverables with input from engineers.
• Plan and execute demonstrations, presentations, and operations of Shift5 capabilities on operational platforms.
• Understand the techniques and methods of effective cyber threat actors and be able to emulate threat activity from script-kiddie to nation state.
• Work and coordinate with cross-functional teams to accomplish company goals, which include cybersecurity and anomaly detection product improvements, demonstrations, and deployments.
• Effectively communicate technical information about cyber threats to both technical and non-technical audiences.
• Be ready to learn and be flexible. You’ll be engaged in a wide variety of work in support of Shift5 priorities, which often change in a growing company.
• Work in a hybrid model, local to Shift5 HQ in Rosslyn, VA, and be prepared to travel up to 40%.

We're looking for someone who is/has:

• BS or MS in a related field such as Computer Science, Electrical Engineering, Computer Engineering, Information Systems, Systems Engineering, Management, or equivalent.
• Leadership and project management experience in offensive cyber operations and/or vulnerability research projects.
• Effective communication and intuition, even in unclear and dynamic situations.
• Penetration testing, red teaming, or vulnerability research experience.
• Experience in cyber security concepts or fields.
• Keen ability to create large, custom, technical reports and present technical findings.
• Ability to foster organizational relationships and coordinate disparate resources they may not fully control.
• Experience in organizing and categorizing vulnerability and threat information.
• Capacity to conduct sales calls, capture and proposal efforts.
• Ability to efficiently multitask and accommodate change of priorities on demand.
• Experience in embedded systems or serial networks preferred, but not required.
• Protocol or firmware reverse engineering experience preferred, but not required.
• Systems engineering and modeling languages experience preferred, but not required.
• Must be local to our Rosslyn, VA office, able to work with remotely distributed teams, and should expect up to 40% travel.
• US Citizenship.
• Able to obtain or hold a US Government Security Clearance.

Compensation & Benefits:

• Competitive salary and stock options in a fast-growing startup
• Employer-paid medical, dental and vision coverage for employees and their families
• Health Savings Account with annual employer contributions
• 401k with employer contributions
• Employer-paid Life Insurance
• Uncapped paid time off policy
• Flexible work & remote work policy
• Tax-deferred public transit benefits with Metro SmartBenefits (DC/MD/VA)

We are committed to building an inclusive culture of belonging that embraces the diversity of our people and represents the communities in which we work and the customers we serve. We know the happiest and highest performing teams include people with diverse perspectives and ways of solving problems. We strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work. 

Shift5 is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identify, national origin, disability, age, marital status, ancestry, projected veteran status, or any other protected group or class.