Senior Manager - Red Team | Remote US

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. 

And we’re growing fast.

We're looking for a Senior Manager to join our Penetration Testing Team.

Position Summary

The Senior Manager is responsible for the performance of their team of consultants, including team utilization/billability, skillset development, mentoring, and project execution. The Sr. Manager has a strong understanding of Advanced Persistent Threat Tactics Techniques and Procedures (APT TTP), Red Teaming, penetration testing, compliance frameworks, and offensive security best practice requirements, as well as a strong mentoring mentality.  The Sr. Manager oversees projects, performs project tasks, and ensures quality reports for clients. They work closely with Project Managers, Directors, and other Delivery team members to effectively manage their team, project timelines, and deliverables for which they are responsible. Sr. Managers may also be asked to support Sales activities.

• Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve successful project delivery with team and non-team planned resources
• Either handle or escalate client and project-related issues in a timely manner
• Interface with clients as a thought leader, individual contributor, and/or Engagement Lead through entire engagement, interacting will all levels of client organizations
• Establish and maintain positive, collaborative relationships with clients and stakeholders
• Collaborate with project managers, quality management, sales, and other delivery team members to drive customer satisfaction and meet project deliverables
• Lead customer-facing meetings including charter/kickoff, periodic status, and project debrief meetings
• Provide mentorship and coaching to team members in areas of Red Team-specific penetration testing tradecraft, security consultation, and reporting / presentations
• Provide HR administrative duties for team members as required
• Work with Red Team Leadership to develop/mature/maintain SOP’s and methodologies in support of Red Team products and services
• Continuous professional development in maintaining a strong depth of knowledge in the practice area
• Support the team growth through the hiring interview process, acting as the hiring manager and working with your Director on compensation
• Track team utilization against billable targets
• Continue to perform direct, billable tasking in any/all Red Team offerings, including assessments, advisory work, training, and more
• Provide Sales Support as necessary and in support of developing skills on a management career path.  Additionally, continue to develop yourself as the seasoned technical SME
• Ability to travel up to 10% (potentially & during normal circumstances)

• Ability to lead penetration testing projects/team independently for the full project lifecycle
• Strong understanding of advanced pen testing methodologies and Software Development Lifecycles (SDLC)
• In-depth experience with various testing methodologies and creating custom solutions to hard problems “on-the-fly”
• Strong working knowledge with tools such as Burp Suite, MITRE CALDERA, Wireshark etc.
• Strong working knowledge of at least two programming or scripting languages
• Strong understanding of API/web services, as well as web, mobile, thick client, and IoT applications
• Strong understanding of security principles, policies, and industry best practices
• An aptitude for technical writing, including assessment reports, presentations, and operating procedures
• Familiarity with Open Web Application Security Project (OWASP), Software Assurance Maturity Model (SAMM), and National Institute of Standards and Technology (NIST) Special Publications
• Understanding of the essential business practices of a professional consulting organization
• Significant experience in a consulting/professional services role
• Significant experience in Red Team or a related role

• An advanced degree in an IT-related field
• Knowledge of applied cryptographic protocols
• OSCP/E, OSWE, OSED, GWAPT, GPEN, or GXPN certification(s)

Why You'll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. A reasonable estimate of the compensation range for this role is  $94,000 to $163,000 based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

#LI-Remote

#LI-HJ1