HubMub
-
Visteon Corporation

Offensive Security Specialist | Cyber Security

Visteon Corporation
Portugal · Full-time · Not Applicable
Visteon is a global automotive technology leader, advancing mobility through innovative technology solutions that enable a software-defined future. The company's state-of-the-art product portfolio merges digital cockpit innovations, advanced displays, AI-enhanced software solutions, and integrated EV architecture solutions. With expertise spanning passenger vehicles, commercial transportation, and two-wheelers, Visteon partners with global automakers to create safer, cleaner, and more connected journeys. Founded in 2000, the company employs 10,000 employees in 18 countries around the globe. In 2024, Visteon recorded annual sales of approximately $3.87 billion and secured $6.1 billion in new business. To know more about us, visit visteon.com .

Mission of the role:

Visteon is looking for an experienced Offensive Security Specialist to spearhead our red team operations and penetration testing capabilities. Reporting directly to the CISO, this hands-on leadership role is responsible for proactively identifying and exploiting vulnerabilities across Visteon’s global infrastructure, applications, and systems - before adversaries do. The Offensive Security Lead will partner with defensive and governance teams to continuously strengthen our security posture.

Key Objectives of the Role:

  • Design, plan, and execute advanced red team operations simulating sophisticated real-world threat actors against Visteon’s environments.
  • Conduct and oversee comprehensive penetration testing across internal and external infrastructure, web and mobile applications, cloud environments, and endpoints.
  • Develop and maintain a red team program, including rules of engagement, campaign planning, reporting frameworks, and remediation tracking.
  • Produce high-quality technical and executive-level reports that clearly articulate risk, findings, and actionable remediation recommendations.
  • Collaborate closely with the Security Operations and Cyber Defense team to improve detection and response capabilities through adversarial simulation.
  • Stay current with the latest offensive security techniques, tools, CVEs, and threat actor TTPs (Tactics, Techniques, and Procedures); translate findings into actionable improvements.
  • Define and track KPIs and metrics for the offensive security program and report findings to the CISO.
  • Drive continuous improvement of the overall security posture by partnering with architecture, engineering, and GRC teams.
  • Support and contribute to vulnerability management processes, including prioritization based on exploitability and business impact.

Key Performance Indicators (KPIs):

  • Red Team Coverage: At least two full red team engagements executed per year, covering critical infrastructure, applications, and cloud environments.
  • Penetration Test Throughput: All agreed penetration tests were delivered on schedule, with high and critical findings reported to stakeholders within 24 hours of identification.
  • Remediation Validation: 90%+ of critical and high findings re-tested and verified as remediated within agreed SLA windows.
  • Detection Improvement: Measurable increase in blue team detection coverage for simulated TTPs, tracked per engagement via a purple team feedback loop.
  • Report Quality: Executive and technical reports rated as “meets or exceeds expectations” by stakeholders for clarity, actionability, and accuracy.
  • Programme Maturity: Year-on-year improvement in red team programme maturity, including tooling, methodology, and rules of engagement.

Key Year-One Deliverables:

  • Within 30 days: Conduct a thorough assessment of Visteon’s existing offensive security capabilities, tooling, prior findings, and threat landscape; establish relationships with the SOC, GRC, and other stakeholders.
  • Within 90 days: Define and publish the red team programme charter including rules of engagement, engagement templates, and reporting standards; execute first internal penetration test and deliver findings to the CISO.
  • Within 6 months: Complete the first full red team engagement simulating a realistic threat actor scenario; establish a purple team feedback loop with the Security Operations team; build or adapt at least one custom offensive tool or capability tailored to Visteon’s environment.
  • Within 12 months: Deliver a comprehensive offensive security programme report to the CISO covering all engagements, risk trends, remediation status, and year-two roadmap; demonstrate measurable improvement in detection coverage attributable to red team activity.

Qualifications, Experience, and Skills:

  • 5–10+ years of progressive experience in offensive security, penetration testing, or red teaming.
  • Proven hands-on expertise across the full attack lifecycle - including network and infrastructure exploitation (Metasploit, Impacket), C2 operations (Cobalt Strike or equivalent), web application testing (Burp Suite, OWASP Top 10), Active Directory and Azure AD attack paths (BloodHound, Rubeus), and custom tooling/payload development in Python or C.
  • Deep understanding of attacker TTPs, MITRE ATT&CK framework, and red team methodologies.
  • Experience leading and managing security teams, including hiring, mentoring, and performance management.
  • Strong knowledge of network protocols, operating systems (Windows, Linux), and cloud environments (Azure, AWS, GCP).
  • Experience with Active Directory and Azure AD attack paths and exploitation techniques.
  • Experience with AV/EDR evasion techniques and the ability to develop or adapt tooling to bypass modern endpoint defenses.
  • Demonstrated ability to produce clear, impactful technical and executive-level security reports.
  • Excellent communication and stakeholder management skills, with experience presenting to senior leadership.
  • Very good command of English.
  • Please include an English version of your resume with your application.

Preferred Qualifications:

  • Experience with adversary simulation platforms and C2 (Command & Control) frameworks.
  • Familiarity with DevSecOps practices and application security testing in CI/CD pipelines.
  • Experience in a global, multi-site enterprise environment.
  • Background in automotive, manufacturing, or OT/ICS environments is a plus.
  • Exposure to physical security assessments or social engineering engagements.
  • Experience working in or alongside SOC/blue team functions to improve detection coverage.

Key Behaviors:

  • Evaluating Problems
  • Critical Thinking (Investigating Issues)
  • Collaboration (Building Relationships)
  • Communicating Information
  • Showing Resilience
  • Demonstrating Global Mindset
  • Processing Details
  • Driving Success

Reporting Structure:

  • Reports to: Chief Information Security Officer (CISO)
  • Location: Palmela, Portugal.

In the fast lane of technology. At Visteon, we’re redefining how the world connects through its vehicles. Our innovations transform the driving experience for millions, powered by a high-performance culture that challenges the status quo and sparks new possibilities—in careers and communities. Join us and help shape the future.

Key Skills

Ranked by relevance

penetration testing cloud active directory simulation metasploit burp suite python linux owasp cicd aws gcp sla ai c
Login to Apply
🇵🇹

Country Guide

Portugal

Startup-friendly with strong expat appeal

Posted
May 18, 2026
Type
Full-time
Level
Not Applicable
Location
Palmela
Company
Visteon Corporation

Industries

Motor Vehicle Parts Manufacturing

Categories

Other Information Technology Management

Related Jobs

3 roles aligned with this opportunity

View all jobs
View Job Details
Visteon Corporation
Related

Technical Artist

2026-05-17

Full-time
Not Applicable
India
Motor Vehicle Parts Manufacturing
Design
View Job Details
Stoneridge
Related

Product Cybersecurity Engineer

2026-04-30

Full-time
Not Applicable
Estonia
Motor Vehicle Parts Manufacturing
Information Technology
View Job Details
OESL-Automotive
Related

Regional Cybersecurity Lead

2026-02-23

Full-time
Mid-Senior
Romania
Motor Vehicle Parts Manufacturing
Information Technology