Offensive Security Sr. Consultant, AWS Specialist

Coalfire Systems
Westminster, CO 80021

Coalfire is an EEO employer. We celebrate diversity and are committed to respecting one another, embracing individual differences, and creating an inclusive environment for all employees.


Job ID: 2020-3409
Type: Regular Full-Time
# of Openings: 1
Category: Penetration Testing


Coalfire is the cybersecurity advisor that helps private and public sector organizations avert threats, close gaps, and effectively manage risk. Our professionals are among the most talented in the industry, and each and every day, they strive to provide the unbiased assessments, advice, and innovative solutions that help our clients meet their specific challenges and build long-term strategies to protect their organizations. For nearly 20 years, we have been on the cutting-edge of one of the world's most important industries and we are committed to making the world a safer place by solving our clients' toughest security challenges.

Coalfire LABS is composed of highly specialized security testers with a passion for enhancing our clients' system security postures. Our team members actively participate in the information security community and have released toolsets, blog posts, and whitepapers. Our team members have presented at numerous industry conferences, including Black Hat, DefCon, ShmooCon, BlueHat, 44CON, and numerous BSides, about offensive and defensive operations as well as the tools and capabilities we create and share. Come join an amazing technical security team that makes a difference in the information security industry and consistently pushes the limit of offensive and defensive security capabilities.

We are growing rapidly and are currently seeking an Offensive Security Sr. Consultant for the Cloud Security Services Team with an AWS focus to work remotely.


As a member of the Labs AWS team, you will be responsible for architecture review, roles and access review, and driving the methodology and execution of offensive penetration testing activities. These duties include:

  • Provide guidance to teammates and clients by advising on security and configuration best-practices, defense-in-depth, and secure SDLC.
  • Communicate with client stakeholders to include leadership, systems and network administrators, security engineers, development, and support teams.
  • Enhance and maintain cloud service provider technical testing methodologies and standards.
  • Lead and support penetration testing projects through their entirety, i.e. scoping through out-brief
  • Participate in internal and external security trainings and conferences


    • Proven track record of success managing client engagements.
    • Professional-level AWS certifications (SAP/DEP), or AWS Specialty certifications with supporting professional experience.
    • Minimum of 2 years of real-world experience with AWS application architectures including:
      • Deep, progressive experience with AWS security concepts, including IAM, STS, and AWS specific security controls and security architecture design patterns.
      • Experience with serverless design concepts and supporting services including S3, SQS, SNS, CloudFront, DynamoDB, Lambda, and API Gateway.
        • Knowledge of advanced/niche AWS services, including Cognito, IoT Core, or SageMaker, is a major plus.
        • Familiarity with DevOps engineering concepts, infrastructure automation, pipelines, version control, and deployment strategies is also a plus.
      • Proficiency with a variety of programming languages (JavaScript, Java, Python, Go, etc.)
      • An ability to validate that an environment meets security objectives through offensive security techniques, including:
        • Experience with web application and API penetration testing methods and tools
        • Experience with XSS, CSRF, IDOR, AuthN/AuthZ, and Confused Deputy attacks
      • Practical knowledge of cryptographic concepts
    • Organized and capable of providing formal documentation
    • Flourishes in cooperative work environments
    • Excellent communication and client-facing skills
    • Self-motivated and takes initiative to enhance or improve processes, procedures, and solutions.
    • Mentor teammates less familiar with AWS services and architectures



Posted: 2020-09-19 Expires: 2020-10-20
