Job Title

Job Title: Attack Surface Management (ASM) Trainer Location: Remote Employment Type: Full-time Experience Required: 5+ Years in Cybersecurity / Offensive Security About the Role We are looking for an experienced and passionate Attack Surface Management (ASM) Trainer to lead hands-on training sessions for cybersecurity professionals and red teamers. The ideal candidate will have strong technical expertise in external attack surface discovery, vulnerability assessment, and ASM tools, along with a flair for teaching and mentoring. As a trainer, you will be responsible for designing and delivering high-impact training programs that equip learners with practical skills in ASM, OSINT, and vulnerability intelligence. You'll also guide learners in mastering real-world ASM tools and offensive techniques used in red team engagements. Key Responsibilities Design and deliver structured training modules on Attack Surface Management, OSINT, and vulnerability intelligence. Train participants in the use of ASM platforms (e.g., CyCognito, Netlas, Shodan, Censys, RiskIQ, etc.). Conduct hands-on labs covering domain/IP discovery, cloud exposure mapping, asset attribution, and misconfiguration detection. Teach how to analyze and prioritize external threats using frameworks like MITRE ATT&CK and CVSS/EPSS. Stay up to date with the latest ASM trends, tools, and adversary techniques and update course content accordingly. Conduct assessments and evaluations to monitor trainee progress. Mentor learners through real-world simulations and lab-based challenges. Support internal teams by developing knowledge-sharing sessions and upskilling programs. Technical Skills Required Strong experience in ASM, external threat mapping, and internet-wide scanning. Hands-on with tools like CyCognito, Netlas, Shodan, Censys, SecurityTrails, FOFA, ZoomEye, etc. Knowledge of vulnerability intelligence platforms (Tenable, Qualys, AWS Inspector). Deep understanding of OSINT techniques, reconnaissance workflows, and attack surface mapping. Scripting knowledge (Python, Bash, PowerShell) for automation is a plus. Familiarity with networking protocols (TCP/IP, HTTP/S, DNS), cloud services, and web attack vectors. Soft Skills Excellent presentation and public speaking skills. Strong ability to simplify complex concepts and communicate effectively with learners of all levels. Passionate about teaching, mentoring, and continuous learning. Ability to create engaging, hands-on content and real-world simulation environments. Preferred Certifications (Optional but a Plus) OSCP / CRTP / CRTO / CEH CySA+, CompTIA Security+ CVA or equivalent vulnerability-focused certifications Any cloud or OSINT certifications