Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead penetration testing on client applications and assess security best practices.
- Company: Join Coalfire, a leader in cybersecurity solutions with a mission to make the world safer.
- Benefits: Enjoy flexible work options, competitive salary, and comprehensive benefits including mental health support.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technology and passionate problem-solvers.
- Qualifications: Experience in application security and strong technical skills in programming or scripting languages.
- Other info: Collaborative environment with opportunities for professional growth and community involvement.
The predicted salary is between 53000 - 65000 ÂŁ per year.
About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever‑changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world. But that’s not who we are – that’s just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem‑solvers who are hungry to learn, grow, and make a difference.
The Consultant works closely with Project Managers, Delivery Directors, and other Delivery team members to lead engagements, assessing the security of various types of client applications and supporting infrastructure against security best practices. The Consultant is a technical leader with broad technical skills, meeting the objectives of their engagements, collaborating with clients, mentoring teammates, and providing subject‑matter expertise across one or more technical domains. The Consultant is a trusted advisor to clients, and through objective testing and results reporting, supports the client in making well‑informed, risk‑based decisions to improve overall security posture.
What You'll Do
- Working independently and collaboratively with a team to both lead and support
- Perform penetration testing on applications with complex technology stacks from both a Blackbox & Whitebox perspective
- Dynamically flex your skills when assessing emerging or custom technologies
- Contextualize vulnerabilities and assess realistic impact to a client accounting for mitigating and aggravating factors
- Manage priorities and tasks to achieve utilization targets
- Operate with professionalism both internally and with clients
- Ensure quality reports and services are delivered efficiently and on time
- Maintain strong depth of knowledge in the practice area
- Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables
- Up to 10% travel
What You'll Bring
- Application penetration testing and assessment tradecraft and methodologies (including browser‑based, API)
- Strong working knowledge of at least two programming or scripting languages
- Strong understanding of security principles and industry best practices
- Minimum of 2 years’ experience in a consulting/professional services role
- Minimum of 2 years’ experience in Application Security and/or Software Development
- Proficiency in Web Application Penetration Testing
- Strong overall technical skills, with strong expertise in at least one of the following:
- Mobile Application Penetration Testing
- Thick Application Penetration Testing
- Hardware Penetration Testing
- Secure Code Review
- Container Penetration Testing
- Cloud Penetration Testing
- Network Active Directory Penetration Testing
- AI Penetration Testing
- Time management, performing adjacent tasks while ensuring on‑time delivery, escalating issues as needed
- Verbal communication, leading client calls for project kickoffs and debrief
- Written communication & Report writing, for both executive audiences and technical staff
Bonus Points
- UK CREST Certification and eligibility to be approved for and maintain UK SC level Clearance
- Strongly preferred CREST Certifications
- CREST Practitioner Security Analyst (CPSA)
- CREST Practitioner Threat Intelligence Analyst (CPTIA)
- AWAE, OSCP, OSCE, OSEE offensive security certifications
- Significant development and engineering backgrounds
- Cloud Service penetration testing tradecraft and methodologies across multiple service providers (e.g. AWS, GCP, etc.).
- Mobile platform and application penetration testing tradecraft and methodologies across both iOS and Android.
- Red/Purple Team tradecraft and methodologies
- Social engineering in all its forms
- AWS Certified Solutions Architect – Professional, AWS Certified Security, AWS Certified Advanced Networking, AWS Certified SysOps Administrator
- Network, Database, System administration experience and certifications
£63,000 - £72,810 a year. The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job‑related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
Why You'll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office. Regardless of location, you’ll experience a company that prioritises connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in‑person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.
Consultant, Application Security Penetration Tester employer: Coalfire
Contact Detail:
Coalfire Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Consultant, Application Security Penetration Tester
✨Tip Number 1
Network like a pro! Reach out to current employees at Coalfire on LinkedIn or other platforms. Ask them about their experiences and any tips they might have for the interview process. It’s all about making connections!
✨Tip Number 2
Prepare for those technical interviews! Brush up on your application security knowledge and be ready to discuss your past projects. We want to see how you think and solve problems, so practice explaining your thought process.
✨Tip Number 3
Show off your passion for cybersecurity! During interviews, share your enthusiasm for the field and any personal projects or learning experiences you've had. This will help us see that you’re not just looking for a job, but a place to grow.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining our team at Coalfire.
We think you need these skills to ace Consultant, Application Security Penetration Tester
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Consultant role. Highlight your experience in application security and penetration testing, and don’t forget to mention any relevant certifications you hold!
Show Off Your Skills: We want to see your technical prowess! Include specific examples of your work with different technologies and methodologies in your application. This is your chance to shine and show us what you can do.
Be Clear and Concise: When writing your application, keep it straightforward. Use clear language and structure your thoughts logically. We appreciate a well-organised application that’s easy to read and understand.
Apply Through Our Website: Don’t forget to submit your application through our website! It’s the best way to ensure we receive your details directly and can get back to you quickly. We’re excited to hear from you!
How to prepare for a job interview at Coalfire
✨Know Your Tech Inside Out
Make sure you brush up on your application penetration testing skills, especially in areas like browser-based and API testing. Be ready to discuss specific methodologies you've used and how they apply to the role at Coalfire.
✨Showcase Your Problem-Solving Skills
Coalfire values passionate problem-solvers, so prepare examples of how you've tackled complex security challenges in the past. Think about situations where you had to flex your skills or adapt to new technologies.
✨Communicate Clearly and Confidently
Since you'll be leading client calls and writing reports, practice articulating your thoughts clearly. Use technical language appropriately, but also ensure you can explain concepts to non-technical stakeholders.
✨Demonstrate Team Collaboration
Highlight your experience working with project managers and delivery teams. Be prepared to discuss how you manage priorities and tasks while ensuring on-time delivery, as this is crucial for success in the role.
