We are seeking an exceptionally skilled and experienced Senior Consultant to join our team. This role leads covert red team, adversary simulation, purple team, and other targeted offensive security engagements that help clients measure detection, response, and resilience against realistic threats. You will simulate real-world threat actors, identify novel vulnerabilities and misconfigurations, build bespoke tradecraft and tooling, and deliver clear guidance that helps clients meaningfully improve their defensive posture. You will play a critical role in shaping our capabilities and ensuring that the Adversary Services team is recognized as one of the leading teams in the offensive security industry.
What You'll Do
- Lead red team, adversary emulation, and purple team engagements for clients across a range of industries and environments, recommending appropriate remediation measures, with reporting aligned to MITRE ATT&CK and other relevant frameworks.
- Detection and response evasion, creation of novel tactics and exploits, simulation of threat actor TTPs, and the evolution of sophisticated command and control (C2) infrastructure.
- Act as a trusted advisor to our clients on security matters, providing insights and recommendations to inform strategic decision-making.
- Develop and execute on sophisticated offensive cybersecurity tradecraft to gain initial access, establish persistence, escalate privileges, move laterally, and evade detection and response controls.
- Stay current with emerging security threats and trends, and proactively identify areas of improvement to enhance our security posture.
- Develop and maintain custom exploit code, scripts, and tools to automate and streamline adversary services activities.
- Contribute to internal tradecraft, reusable tooling, testing methodologies, and team knowledge sharing.
- Support thought leadership through research, internal training, blog content, conference presentations, or customer workshops.
What You'll Bring
- 5+ years of experience in penetration testing, adversary services/red teaming, and purple teaming, with a minimum of 2+ years leading covert Red Team engagements.
- Significant experience creating and delivering specialized testing for customers on the latest threat actor TTPs and capabilities, including advanced persistent threats (APTs), ransomware, and insider threats.
- Experience presenting thought leadership, including talks at security conferences, blogs, or in other forums.
- Deep technical expertise in adversary services-related tradecraft, including development and management of command and control infrastructure, custom development of leading C2 toolsets (e.g. Cobalt Strike, Sliver, Mythic), and stewardship of evasion techniques to maximize effectiveness.
- Extensive experience conducting adversary services engagements across a variety of platforms and environments, including on-premise, cloud, and hybrid environments.
- Excellent communication and collaboration skills, with the ability to effectively convey complex technical concepts to both technical and non-technical audiences.
- Experience in all components of the attack chain, including OSINT, social engineering (e.g. phishing, vishing), custom payload creation, C2 infrastructure, lateral movement, privilege escalation, and impact objectives.
- Technical knowledge of programming and scripting languages (e.g. Python, Ruby, Go) to develop and modify custom evasion tooling and infrastructure.
- Ability to thrive in a fast-paced, dynamic environment, and adapt quickly to changing priorities and requirements.
- Ability to foster a positive work environment and attitude, with a “team first” mentality.
Bonus Points
- Relevant certifications such as CRTO, CRTO II, AT:RTO, OSEP, or related
Skills Required
- 5+ years of experience in penetration testing, adversary services/red teaming, and purple teaming, with minimum 2+ years leading covert Red Team engagements.
- Significant experience creating and delivering testing for threat actor TTPs and capabilities, including APTs, ransomware, and insider threats.
- Experience presenting thought leadership (security conference talks, blogs, or other forums).
- Deep technical expertise in adversary services tradecraft, including development/management of C2 infrastructure and custom C2 toolsets (e.g., Cobalt Strike, Sliver, Mythic) and evasion techniques.
- Extensive experience conducting adversary services engagements across on-premise, cloud, and hybrid environments.
- Excellent communication and collaboration skills to convey complex technical concepts to technical and non-technical audiences.
- Experience across all components of the attack chain: OSINT, social engineering (phishing, vishing), custom payload creation, C2 infrastructure, lateral movement, privilege escalation, and impact objectives.
- Technical knowledge of programming and scripting languages (e.g., Python, Ruby, Go) to develop/modify custom evasion tooling and infrastructure.
- Ability to thrive in a fast-paced, dynamic environment and foster a positive, team-first work environment.
- Relevant certifications such as CRTO, CRTO II, AT:RTO, OSEP, or related.
Coalfire Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Coalfire and has not been reviewed or approved by Coalfire.
-
Leave & Time Off Breadth — Flexible paid time off and paid parental leave are prominently offered, with remote/WFH support enabling time away when workload allows.
-
Healthcare Strength — Comprehensive medical, dental, vision, wellness resources, and an EAP are part of the core package. Carrier coverage and plan options are regularly highlighted across employer materials.
-
Retirement Support — A company‑matched 401(k) is included alongside other financial and development perks. This retirement benefit is consistently featured across benefits overviews.
Coalfire Insights
What We Do
Coalfire is the cybersecurity advisor that helps private and public sector organizations avert threats, close gaps, and effectively manage risk. By providing independent and tailored advice, assessments, technical testing, and cyber engineering services, we help clients develop scalable programs that improve their security posture, achieve their business objectives, and fuel their continued success. Coalfire has been a cybersecurity thought leader for more than 20 years and has offices throughout the United States and Europe.








