Head of Security Testing @ Sportradar

YOUR PROFILE:  Minimum of 10 years in offensive security, penetration testing, or related cybersecurity experience.  Proven experience in leading a team, with a track record of managing penetration testing or offensive security functions.  Strong expertise in conducting complex penetration tests and vulnerability assessments, ideally in a dynamic, fast-paced environment.  Hands-on experience with industry-standard security tools and frameworks, such as OWASP, MITRE ATT&CK, and various penetration testing tools (e.g., Burp Suite, Metasploit, and others).  Deep understanding of modern threat landscapes, attack methodologies, and countermeasures.  Excellent communication skills, capable of articulating technical security issues to stakeholders at all levels.  Head of Security Testing Company Description We’re the world’s leading sports technology company, at the intersection between sports, media, and betting. More than 1,700 sports federations, media outlets, betting operators, and consumer platforms across 120 countries rely on our know-how and technology to boost their business. Job Description WORK TYPE: Hybrid THE ROLE:  As the Head of Security Testing at Sportradar, you will lead and inspire a specialized global team of penetration testers responsible for identifying, evaluating, and mitigating vulnerabilities across our technology stack. Reporting to the VP, Information Security Advisory & Testing, you will play a critical role in advancing our offensive security capabilities, providing strategic leadership, and ensuring the highest standards of security testing across our global infrastructure.  THE CHALLENGE:  Lead a Talented Team. Manage a team of +4 skilled penetration testers, providing mentorship, direction, and support to drive technical excellence. Strategic Planning. Define the security testing strategy, setting priorities and objectives aligned with Sportradar’s security framework. Advanced Penetration Testing. Oversee complex penetration tests, vulnerability assessments, and red team exercises across our systems, applications, and networks. Risk Assessment & Mitigation. Identify and evaluate security risks, working closely with cross-functional teams to mitigate identified vulnerabilities effectively. Stakeholder Engagement. Act as the primary point of contact for offensive security matters, collaborating with internal and external stakeholders to promote a secure development lifecycle. Third Party Management. Manage external companies that provide security services to Sportradar group. Compliance and Reporting. Support regulatory and compliance requirements, generating reports and metrics to communicate findings to technical and non-technical stakeholders. Innovation & Thought Leadership. Stay abreast of the latest security threats, attack techniques, and industry advancements to drive innovative security solutions within the team. Desirable Skills:  Technical certifications such as OSCE, GPEN, or equivalent are highly advantageous. Knowledge of secure development practices, particularly within CI/CD environments. Familiarity with compliance standards and frameworks. Experience in conducting red team exercises and adversary simulation. OUR OFFER:  A collaborative environment with colleagues from all over the world (Engineering offices in Europe, Asia and US) including various social events and teambuilding. Flexibility to manage your workday and tasks with autonomy. A balance of structure and autonomy to tackle your daily tasks. Vibrant and inclusive community, including Women in Tech and Pride groups which welcome all participants. Global Employee Assistance Programme. Calm and Reulay app (leading well-being apps designed to support focus, quality rest, mindfulness, and long-term mental resilience). Online training videos. Flexible working hours. While we appreciate the flexibility and benefits of working from home, we strongly believe that coming together in person fosters stronger connections, encourages collaboration, and drives innovation—both as individuals and as a company. The energy, shared ideas, and team support we experience in the office strengthen the foundation of our success and culture. For this reason, we are an office-first business operating on a hybrid model, with team members working in the office three days a week to build relationships, exchange ideas, and grow together.  ,[Lead a Talented Team. Manage a team of +4 skilled penetration testers, providing mentorship, direction, and support to drive technical excellence.  , Strategic Planning. Define the security testing strategy, setting priorities and objectives aligned with Sportradar’s security framework.  , Advanced Penetration Testing. Oversee complex penetration tests, vulnerability assessments, and red team exercises across our systems, applications, and networks.  , Risk Assessment & Mitigation. Identify and evaluate security risks, working closely with cross-functional teams to mitigate identified vulnerabilities effectively.  , Stakeholder Engagement. Act as the primary point of contact for offensive security matters, collaborating with internal and external stakeholders to promote a secure development lifecycle.  , Third Party Management. Manage external companies that provide security services to Sportradar group.   , Compliance and Reporting. Support regulatory and compliance requirements, generating reports and metrics to communicate findings to technical and non-technical stakeholders.  , Innovation & Thought Leadership. Stay abreast of the latest security threats, attack techniques, and industry advancements to drive innovative security solutions within the team.  ] Requirements: Security, Testing, Boost, Cybersecurity, OWASP, Burp Suite, Communication skills, REST API Tools: Jira, Confluence, GitHub, SharePoint, GIT, Agile, Scrum. Additionally: Flexible working hours, Sport subscription, Training budget, Private healthcare, Flat structure, Small teams, International projects, Free coffee, Canteen, Bike parking, Playroom, Free snacks, Free beverages, Free lunch, Free parking, In-house trainings, In-house hack days, Modern office, Startup atmosphere, No dress code.