Head of Offensive & Defensive Security (f/m/x)
neoshare · Sofia, Bulgaria
About the role
Your mission
As Head of Red & Blue Team Security, you will lead our offensive and defensive security functions and own the development and execution of a comprehensive security assurance strategy. With a strong emphasis on penetration testing and adversarial simulation, you will embed security deeply into our Software Development Lifecycle (SDLC) and ensure that engineering teams consistently apply security-first principles. You will act as the key liaison between product development, compliance, legal, and external partners — translating complex regulatory requirements into practical, scalable security solutions across our platform.
What You'll Do
Red & Blue Team Leadership
- Lead, grow, and mentor both the Red Team (offensive) and Blue Team (defensive), fostering a culture of continuous adversarial thinking and security resilience.
- Drive penetration testing programs — both internal and coordinated with external partners — across infrastructure, applications, and cloud environments.
- Oversee vulnerability assessments, threat intelligence, and security analyses, and ensure findings translate into actionable remediation plans.
- Expand and mature the Red & Blue Team capabilities through new tooling, methodologies, and threat simulation frameworks.
- Take full ownership of technical and organizational aspects of product security.
- Develop and implement security standards and processes, including Secure SDLC, Threat Modeling, and security testing integration into CI/CD pipelines.
- Build and lead a specialized Security Engineering team alongside the Red & Blue functions.
- Define and implement additional defensive strategies to strengthen the organization's overall security resilience.
Stakeholder Collaboration & Governance
- Partner closely with Product Development to integrate security requirements early in the development process and negotiate effective remediation timelines for identified vulnerabilities.
- Work with Information Security, Data Protection, Compliance, and Legal teams to ensure platform-wide regulatory adherence.
- Communicate and present the security strategy, architecture, and assurance posture to customers, partners, regulators, and auditors.
- Support the onboarding of new banking partners by ensuring platform security and stability meet required standards.
- Strengthen the visibility and authority of the security function within the broader organization.
- Introduce and champion digital security tooling to enhance detection, response, and overall security operations.
- Continuously raise the security bar across teams through training, awareness, and policy enforcement.
Your profile
What You Bring
- Several years of experience in product security or security engineering, ideally within regulated SaaS, fintech, or banking environments.
- Proven hands-on experience leading Red Team and/or Blue Team operations, including penetration testing, threat hunting, and incident response.
- Strong technical understanding of modern software architectures — particularly cloud-native environments, containerized systems (e.g., Kubernetes), and CI/CD pipelines.
- Experience designing and implementing security processes within software development contexts (Secure SDLC, DevSecOps).
- Familiarity with relevant regulatory frameworks such as ISO 27001, BAIT, DORA, or equivalent.
- Ability to work in a structured and effective way across departments and with external auditors.
- Strong English skills, both written and spoken.
- High willingness to travel.
Why us?
Shape the Future with Impactful Innovation
Join a fast-growing Fintech/Proptech where your ideas and expertise contribute to groundbreaking products and meaningful collaborations with industry leaders. Together, we’re shaping the future of real estate and finance, ensuring your work makes a lasting industry impact.
Collaborate in a Diverse & Inclusive Team
Our international team—spanning Sofia, Munich and Frankfurt—is united by a shared passion for innovation and excellence. We celebrate diverse perspectives and foster a supportive environment where everyone thrives.
Comprehensive Benefits for Your Well-being
At neoshare, we are committed to supporting our team members both professionally and personally. Our benefits package is designed to enhance your work-life balance and well-being, offering:
- Comprehensive Health Insurance: Peace of mind with top-tier health coverage.
- Fully Covered Multisport or CoolFit Card: Stay fit and healthy with access to a wide range of fitness programs, completely covered by us.
- 26 Paid Vacation Days: Take time to recharge with ample vacation, ensuring you maintain a healthy balance between your personal and professional life.
- Flexible Working Models: Enjoy the flexibility of hybrid work arrangements, allowing you to choose between working from home or in our modern offices.
- 13th Month Salary: Receive an additional 13th-month salary as part of our commitment to rewarding your hard work and dedication.
Skills
- Penetration Testing
- GitHub Actions
- Kubernetes
- Stakeholder Management