Coalfire3mo ago

GBP 63000–72810/yr

Consultant, Application Security Penetration Tester

United KingdomRemotemid

EngineeringSecurityOtherSecurity Engineer

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

About Coalfire Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate,

Technical Tools

EngineeringSecurityOtherSecurity Engineer

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

The Consultant works closely with Project Managers, Delivery Directors, and other Delivery team members to lead engagements, assessing the security of various types of client applications and supporting infrastructure against security best practices. The Consultant is a technical leader with broad technical skills, meeting the objectives of their engagements, collaborating with clients, mentoring teammates, and providing subject matter expertise across one or more technical domains. The Consultant is a trusted advisor to clients, and through objective testing and results reporting, supports the client in making well-informed, risk-based decisions to improve overall security posture.

Working independently and collaboratively with a team to both lead and support

Perform penetration testing on applications with complex technology stacks from both a: Blackbox & Whitebox perspective

Dynamically flex your skills when assessing emerging or custom technologies

Contextualize vulnerabilities and assess realistic impact to a client accounting for mitigating and aggravating factors

Manage priorities and tasks to achieve utilization targets

Operate with professionalism both internally and with clients

Ensure quality reports and services are delivered efficiently and on time

Maintains strong depth of knowledge in the practice area

Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables

Up to 10% travel

Application penetration testing and assessment tradecraft and methodologies (including browser-based, API)

Strong working knowledge of at least two programming or scripting languages

Strong understanding of security principles and industry best practices

Minimum of 2 years’ experience in a consulting/professional services role

Minimum of 2 years’ experience in Application Security and/or Software Development

Proficiency in Web Application Penetration Testing

Strong overall technical skills, with strong expertise in at least one of the following:

Mobile Application Penetration Testing

Thick Application Penetration Testing

Hardware Penetration Testing

Secure Code Review

Container Penetration Testing

Cloud Penetration Testing

Network Active Directory Penetration Testing

AI Penetration Testing

Strong consulting skills including:

Time management, performing adjacent tasks while ensuring on-time delivery, escalating issues as needed

Verbal communication, leading client calls for project kickoffs and debrief

Written communication & Report writing, for both executive audiences and technical staff

High school diploma required

UK CREST Certification and eligibility to be approved for and maintain UK SC level Clearance

Strongly preferred CREST Certifications

CREST Practitioner Security Analyst (CPSA)

CREST Practitioner Threat Intelligence Analyst (CPTIA)

AWAE, OSCP, OSCE, OSEE offensive security certifications

Significant development and engineering backgrounds

Cloud Service penetration testing tradecraft and methodologies across multiple service providers (e.g. AWS, GCP, etc.).

Mobile platform and application penetration testing tradecraft and methodologies across both iOS and Android.

Red/Purple Team tradecraft and methodologies

Social engineering in all its forms

AWS Certified Solutions Architect – Professional, AWS Certified Security, AWS Certified Advanced Networking, AWS Certified SysOps Administrator

Network, Database, System administration experience and certifications

Listing Details

Posted: January 9, 2026
First seen: March 26, 2026
Last seen: April 24, 2026

Posting Health

Days active: 29
Repost count: 0
Trust Level: 51%
Scored at: April 24, 2026

Signal breakdown

freshnesssource trustcontent trustemployer trust

Apply for this position

Coalfire

lever

Coalfire is a cybersecurity advisor that helps private and public-sector organizations avert threats, close gaps, and effectively manage risk. They provide independent, tailored advice, assessments, technical testing, and cyber engineering services to help clients develop scalable programs that improve their security posture and achieve business objectives.

Employees

3k+

Founded

2001

Domain

coalfire.com

Jobs

View 12 jobs

View company profile

Salary

GBP 63000–72810

per year