Managing Director, Cyber Testing - Red Team

To address the most critical needs of our clients, RSM US LLP has built a national Cyber Risk Consulting practice comprised of several hundred dedicated professionals. Our teams help clients prevent, detect, and respond to security threats affecting their most critical systems and data, delivering expertise in security testing and operations, architecture, governance, compliance, and digital forensics.

We are seeking an experienced Managing Director to lead our Cyber Testing team within the Cyber Testin practice. This executive will set vision and strategy for our Red Team, Penetration Testing, and Advanced Adversarial Simulation capabilities across the firm. The ideal candidate brings deep technical credibility, proven practicebuilding experience, and the executive presence to advise Csuite and boardlevel stakeholders on the evolving threat landscape.

This Managing Director will continue RSM's mission of building a worldclass consulting practice, expanding our market presence, and delivering innovative solutions that address our clients' most complex cybersecurity risks.

• Set strategic direction for the Cyber Testing practice, including Red Team, Adversary Emulation, Penetration Testing, Cloud/DevSecOps testing, and emerging offensive security services.
• Lead practice growth through new service development, market positioning, and expansion into priority industries.
• Drive revenue strategy, forecasting, margin management, and performance metrics to ensure financial and operational targets are met.
• Represent RSM in the market through thought leadership, industry events, strategic partnerships, and executive engagements.

• Serve as executive sponsor for major clients, providing board and Csuitelevel guidance on adversarial threats, business risk, and cyber resilience.
• Communicate technical issues in clear, executive-ready terms and translate findings into actionable strategies for risk reduction.
• Oversee large, complex engagements to ensure quality, governance, client satisfaction, and alignment with client business priorities.
• Build and expand long-term client relationships, identifying opportunities to bring the full breadth of RSM capabilities to clients.

• Ensure all Cyber Testing engagements meet RSM quality standards, regulatory expectations, and ethical/offensive security operating procedures.
• Establish and evolve methodologies for Red Team operations, penetration testing, cloud testing, and adversary emulation.
• Drive continuous improvement by monitoring emerging attacker tradecraft, industry threats, and client needs.

• Lead, mentor, and develop a high-performing team of Directors, Senior Managers, Managers, and technical specialists.
• Build succession pipelines, hiring strategies, and professional development pathways for offensive security talent.
• Foster an inclusive, collaborative culture grounded in technical excellence, innovation, and client service.

• Bachelor's degree in computer science, engineering, information systems, or related field.
• 12+ years of cybersecurity experience, with significant leadership responsibility in Red Team operations, offensive security, penetration testing, or adversarial threat simulation.
• Proven track record of leading and scaling cybersecurity teams, including oversight of managers and senior technical leaders.
• Deep understanding of attacker methodologies, offensive tools, cloud security, and modern penetration testing frameworks.
• Demonstrated success in executivelevel client advisory roles, including presenting complex cyber risk topics to senior leadership.
• Strong business development leadership with demonstrated success driving new revenue, expanding accounts, and navigating the full sales cycle.
• Experience operating within a professional services firm, consultancy, or large enterprise with complex client environments.
• Exceptional collaboration, communication, and relationshipbuilding abilities.

• Advanced offensive security or cloud security certifications (e.g., OSCP, OSWE, OSCE3, OSEP, Burp Suite Certified Practitioner, GIAC, AWS security certifications).
• Experience serving regulated industries such as Financial Services, Healthcare, Energy, or Critical Infrastructure.
• Recognized industry thought leadership, including publications, conference speaking, or contributions to the offensive security community.
• Demonstrated ability to lead distributed and hybrid teams across multiple locations and time zones.
• Proven ability to bring creative thinking, initiative, and agility to complex client challenges.

• Executive presence with the ability to influence senior stakeholders and boards.
• Strategic thinker with a strong sense of ownership, discipline, and accountability.
• Collaborative, peoplecentered leader committed to developing talent.
• Ability to operate in complex, fastmoving environments with sound judgment and ethical decisionmaking.
• Innovative mindset with strong commercial and technical instincts.