Note: The job is a remote job and is open to candidates in USA. Coalfire is on a mission to make the world a safer place by solving clients’ hardest cybersecurity challenges. They are seeking a Senior Consultant to lead covert red team engagements and provide clients with insights to improve their cybersecurity posture.
Responsibilities
- Lead red team, adversary emulation, and purple team engagements for clients across a range of industries and environments, recommending appropriate remediation measures, with reporting aligned to MITRE ATT&CK and other relevant frameworks
- Detection and response evasion, creation of novel tactics and exploits, simulation of threat actor TTPs, and the evolution of sophisticated command and control (C2) infrastructure
- Act as a trusted advisor to our clients on security matters, providing insights and recommendations to inform strategic decision-making
- Develop and execute on sophisticated offensive cybersecurity tradecraft to gain initial access, establish persistence, escalate privileges, move laterally, and evade detection and response controls
- Stay current with emerging security threats and trends, and proactively identify areas of improvement to enhance our security posture
- Develop and maintain custom exploit code, scripts, and tools to automate and streamline adversary services activities
- Contribute to internal tradecraft, reusable tooling, testing methodologies, and team knowledge sharing
- Support thought leadership through research, internal training, blog content, conference presentations, or customer workshops
Skills
- 5+ years of experience in penetration testing, adversary services/red teaming, and purple teaming, with a minimum of 2+ years leading covert Red Team engagements
- Significant experience creating and delivering specialized testing for customers on the latest threat actor TTPs and capabilities, including advanced persistent threats (APTs), ransomware, and insider threats
- Experience presenting thought leadership, including talks at security conferences, blogs, or in other forums
- Deep technical expertise in adversary services-related tradecraft, including development and management of command and control infrastructure, custom development of leading C2 toolsets (e.g. Cobalt Strike, Sliver, Mythic), and stewardship of evasion techniques to maximize effectiveness
- Extensive experience conducting adversary services engagements across a variety of platforms and environments, including on-premise, cloud, and hybrid environments
- Excellent communication and collaboration skills, with the ability to effectively convey complex technical concepts to both technical and non-technical audiences
- Experience in all components of the attack chain, including OSINT, social engineering (e.g. phishing, vishing), custom payload creation, C2 infrastructure, lateral movement, privilege escalation, and impact objectives
- Technical knowledge of programming and scripting languages (e.g. Python, Ruby, Go) to develop and modify custom evasion tooling and infrastructure
- Ability to thrive in a fast-paced, dynamic environment, and adapt quickly to changing priorities and requirements
- Ability to foster a positive work environment and attitude, with a 'team first' mentality
- Relevant certifications such as CRTO, CRTO II, AT:RTO, OSEP, or related
Benefits
- Flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office
- Prioritizes connection and wellbeing
- Opportunities to join employee resource groups
- Participate in in-person and virtual events
- Competitive perks and benefits to support you and your family
- Paid parental leave
- Flexible time off
- Certification and training reimbursement
- Digital mental health and wellbeing support membership
- Comprehensive insurance options
Company Overview
Company H1B Sponsorship