This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Senior Consultant, Application Security Penetration Tester | Remote US
Denim Group - Denver, CO
posted about 2 months ago
About the position
The Senior Consultant, Application Security Penetration Tester at Coalfire is responsible for leading engagements that assess the security and compliance of client applications and supporting infrastructure. This role involves collaborating with various teams, mentoring junior staff, and providing expert advice to clients to enhance their security posture. The consultant will conduct application penetration testing, threat modeling, and source code reviews while ensuring high-quality deliverables and client satisfaction.
Responsibilities
- Conduct application penetration testing (Browser-based, API, Mobile, IoT)
- Perform threat modeling and source code reviews
- Advise clients on technical security or compliance activities
- Manage priorities and tasks to achieve utilization targets
- Deliver quality reports and services efficiently and on time
- Develop professional skills with relevant industry certifications or training
- Collaborate with project managers and delivery team members to drive customer satisfaction
- Escalate client and project-related issues to management in a timely manner
- Contribute to thought leadership initiatives through blogs and conference speaking
Requirements
- Minimum of 5 years' experience in a consulting/professional services role
- Minimum of 5 years' experience in Application Security and/or Software Development
- Strong working knowledge of at least two programming or scripting languages
- Strong understanding of security principles, policies, and industry best practices
- Experience testing against IT security compliance frameworks such as PCI, FISMA, HIPAA, FedRAMP, or HITRUST
- Familiarity with OSSTMM, OWASP, SAMM, NIST Special Publications, and PTES
- Excellent verbal and written communication skills, including technical writing of assessment reports
- Client-centric consulting with high level of collaboration
- Ability to travel up to 10%
- Bachelor's Degree or equivalent certification and experience
Nice-to-haves
- Software development/engineering experience
- Cloud Service penetration testing across multiple service providers (e.g. AWS, GCP)
- Mobile platform penetration testing on iOS and Android
- Network/host-based penetration testing
- Red/Purple team operations
Benefits
- Flexible work model
- Paid parental leave
- Flexible time off
- Certification and training reimbursement
- Digital mental health and wellbeing support membership
- Comprehensive insurance options
