Manager, Cybersecurity Strategy and Risk
United States
USD 124,100-209,214 / year + Equity
Job Description
Manager, Red Team: Product Security Engineering
About SailPoint
SailPoint is the leader in identity security for the cloud enterprise. Built on AI and ML, our Identity Security Cloud Platform delivers the right level of access to the right identities and resources at the right time, matching the scale, velocity, and changing needs of today's modern enterprise.
About the Role
You will build and lead a continuous adversarial testing program against SailPoint's next-generation Atlas Platform, using frontier AI as a force multiplier, not a novelty.
A typical day: reviewing results from overnight autonomous testing campaigns, chaining minor vulnerabilities into high-impact proof-of-concept exploits, or handing validated attack playbooks to the CISO's Red Team. You won't write reports that sit in a queue. You will translate adversarial findings into secure design improvements that change how engineering builds software.
About the Team
This is a greenfield offensive security unit within Product Security Engineering, reporting to the Director of Engineering Product Security. The team exists to challenge and secure our identity governance systems, AI-powered product features, and core platform services through continuous adversarial validation, not annual pen tests.
Roadmap for Success
30 Days — Assess & Design
- Complete a comprehensive review of the identity platform architecture, existing security practices, and current attack surface.
- Outline the optimal Red Team structure and identify critical hires based on the program's mandate for agentic AI and continuous testing.
- Deliver an initial strategic vision and program roadmap, clearly distinguishing this program from traditional penetration testing.
60 Days — Build & Prepare
- Open recruiting pipelines and begin actively sourcing, screening, and extending offers for initial Red Team members.
- Draft rules of engagement in collaboration with Product Security and Engineering leadership.
- Complete a preliminary attack surface map of the core identity platform, prioritizing AI product features and agentic orchestration layers.
- Formalize the CISO Red Team partnership with a quarterly cadence for method transfer, tooling configurations, and attack playbooks.
90 Days — Initialize & Execute
- Formally define initial scope and target areas, prioritizing identity platform core and AI features.
- Select, deploy, and configure at least one agentic offensive security platform for autonomous source code analysis or vulnerability chaining.
- Plan and execute the first short-cycle adversarial campaign, establishing initial operational processes.
- Stand up preliminary threat intelligence integration for identity platforms, SaaS infrastructure, and AI/ML attack techniques.
6 Months — Scale & Formalize
- At least 50% of target headcount onboarded and actively contributing to adversarial campaigns with demonstrated proficiency in agentic AI tooling.
- Minimum three distinct continuous adversarial campaigns executed, including dedicated AI product feature testing, producing actionable findings.
- Minimum two detailed exploitation narratives resulting in concrete secure design improvements or SSDLC changes by engineering teams.
- CISO Red Team proving ground fully established, including at least one joint adversarial exercise completed.
1 Year — Full Maturity & Impact
- Full team operational capacity with agentic AI as a core capability, not a supplement.
- Overnight autonomous campaigns running continuously, delivering prioritized findings daily at 3–5x coverage of team size.
- Measurable reduction in high-severity vulnerabilities driven by Red Team findings feeding secure design improvements, threat model updates, and SSDLC enhancements.
- Attack methodology continuously reflecting current real-world TTPs, APT campaigns targeting identity providers, supply chain compromise vectors, and emerging AI-specific attack techniques.
What We're Looking For
Proven offensive security operator who builds teams, not just finds bugs. You have led or built red team programs, not just executed engagements. You know how to hire offensive engineers, define scope, manage rules of engagement, and translate findings into engineering action.
Agentic AI as an offensive weapon, not a buzzword. Hands-on experience with AI-powered offensive tooling, agentic pen testing platforms, or autonomous exploit generation. You know the difference between a scanner with an AI label and a system that reasons about attack paths.
Source code analysis depth beyond scanning. You find vulnerabilities through semantic analysis, not pattern matching. You read code, reason about exploitability, and build proof-of-concept exploits across multiple languages. You understand the vulnerability classes that matter for identity platforms: authentication flow weaknesses, authorization logic flaws, entitlement calculation errors, and tenant isolation failures.
AI/LLM attack surface expertise. You have tested adversarial attacks against AI systems, prompt injection, goal redirection, RAG poisoning, model supply chain compromise, or agentic scope escape. You know OWASP Top 10 for LLM Applications, MITRE ATLAS, and NIST AI RMF as applied to offensive testing.
Chain analysis and multi-step exploitation thinking. You think in attack paths, not individual findings. When you find a medium-severity issue, your instinct is to ask what it enables when combined, not to file it and move on.
Communication that drives engineering action. You write exploitation narratives that a VP of Engineering reads and acts on. You present to executives without losing technical credibility. A finding without a remediation path and a business impact statement is a finding that gets deprioritized, and you know that.
Identity and access management domain knowledge. OAuth/OIDC/SAML weaknesses, entitlement edge cases, tenant isolation boundaries, privilege escalation through identity chaining. Prior experience testing identity platforms or IAM products is strongly preferred.
Requirements
- 5+ years of offensive security experience with at least 2 years in a team lead or management role
- Demonstrated experience with agentic or AI-powered offensive security tooling in a production program
- Hands-on proficiency in at least two of: application pen testing, source code security review, cloud security assessment, AI/LLM adversarial testing
- Experience operating in or building a red team program at a SaaS or platform company
- Strong written communication: you will produce exploitation chain documentation that drives executive decisions
- Bachelor's degree in a relevant field or equivalent experience
Benefits and Compensation listed vary based on the location of your employment and the nature of your employment with SailPoint.
As a part of the total compensation package, this role may be eligible for the SailPoint Corporate Bonus Plan or a role-specific commission, along with potential eligibility for equity participation. SailPoint maintains broad salary ranges for its roles to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect SailPoint’s differing products, industries, and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. We estimate the base salary, for US-based employees, will be in this range from (min-mid-max, USD):
$124,100 - $209,214.00
Base salaries for employees based in other locations are competitive for the employee’s home location.
Benefits Overview
1. Health and wellness coverage: Medical, dental, and vision insurance
2. Disability coverage: Short-term and long-term disability
3. Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)
4. Additional life coverage options: Supplemental life insurance for employees, spouses, and children
5. Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account
6. Financial security: 401(k) Savings and Investment Plan with company matching
7. Time off benefits: Flexible vacation policy
8. Holidays: 8 paid holidays annually
9. Sick leave
10. Parental support: Paid parental leave
11. Employee Assistance Program (EAP) and Care Counselors
12. Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options
13. Health Savings Account (HSA) with employer contribution
SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law.
Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact applicationassistance@sailpoint.com or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations. NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.