Would you like to join the leading international intergovernmental organization?

The Deputy Service Delivery Manager (Deputy SDM) for Penetration Testing Services supports the Service Delivery Manager in ensuring high-quality, efficient, and effective penetration testing services across NATO and NCIA environments. This role combines technical oversight with service management, stakeholder engagement, and continuous improvement initiatives to maintain service excellence in offensive security assessment.

Responsibilities:

• Support the SDM in delivering high-quality penetration testing services.

• Accurately evaluate scope and level of effort (LoE) for penetration testing tasks.

• Provide technical oversight of vulnerabilities identified during testing.

• Act as a technical liaison between penetration testers, service management, and stakeholders.

• Contribute to service quality, consistency, and continuous improvement.

• Assist in planning and scheduling penetration testing engagements across NATO and NCIA environments.

• Coordinate resources and ensure adherence to agreed timelines.

• Monitor engagement progress and manage risks and dependencies.

• Conduct technical scoping discussions with stakeholders.

• Assess complexity, attack surface, and constraints of target systems.

• Produce justified LoE estimates aligned with NCSC PTAE methodologies.

• Support engagement kick-offs, debriefings, and technical discussions.

• Translate technical findings into risk-focused language for decision-makers

• Support service reporting, KPIs, and dashboards.

• Contribute to methodology updates and lessons learned.

Required qualifications and experience:

• 3+ years in project management or service delivery management in cyber security.

• Extensive technical background in penetration testing and offensive security.

• Demonstrated understanding of vulnerabilities across network, application, and cloud environments.

• Ability to estimate effort and scope complex technical assessments.

• Strong understanding of the penetration testing service lifecycle.

• Proven ability to scope engagements including objectives, in/out of scope, assumptions, constraints, RoE, and deliverables

• Solid knowledge of common penetration testing standards and requirements (e.g., OWASP, PTES, NIST/ISO-aligned practices)

• ITIL experience, with a strong focus on Change Management

• Proven customer-facing experience including requirements gathering, stakeholder management, and expectation setting.

• Ability to map needs to the right test types (web/API, network, cloud, mobile, wireless, red teaming vs. penetration testing)

• Excellent English (written and spoken); able to produce and review customer-ready documentation

If you've read the description and feel this role is a great match, we'd love to hear from you! Click "Apply for this job" to be directed to a brief questionnaire. It should only take a few moments to complete, and we'll be in touch promptly if your experience aligns with our needs.