
Senior Manager, Application Security

1 month ago


Remote, Oregon, United States Coalfire Full time

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients' toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.

But that's not who we are – that's just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

At Coalfire, the Application Security (AppSec) Business is composed of highly skilled security testers with a passion for enhancing system security postures. Our team members actively participate in the information security community and have released toolsets, blog posts, and whitepapers. Our team members train and present at numerous industry conferences, including BlackHat, DefCon, ShmooCon, BlueHat, DerbyCon, 44CON, and numerous BSides, covering offensive and defensive operations as well as the tools and capabilities we create and share. Come join an amazing technical security team that makes a difference in the information security industry and consistently pushes the limits of offensive and defensive security capabilities.

We are currently seeking a Senior Manager to support our AppSec teams remotely.

Position Summary

The Senior Manager is responsible for the performance of their team of consultants, including team utilization/billability, skillset development, mentoring, and project execution. The Sr. Manager has a strong understanding of Application Security, penetration testing, compliance frameworks, and offensive security best practice requirements, as well as a strong mentoring mentality. The Sr. Manager oversees projects, performs project tasks, and ensures quality reports for clients. They work closely with Project Managers, Directors, and other Delivery team members to effectively manage their team, project timelines, and deliverables for which they are responsible. Sr. Managers may also be asked to support Sales activities.

Additionally, Senior Managers will continue to consult directly for clients for a variety of high-expertise tasks, including application security assessments, code reviews, threat models, and application security program development and implementation engagements.

What You'll Do

  • Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve successful project delivery with team and non-team planned resources.
  • Either handle or escalate client and project-related issues in a timely manner.
  • Interface with clients as a thought leader, individual contributor, and/or Engagement Lead throughout the entire engagement, interacting with all levels of client organizations. Establish and maintain positive, collaborative relationships with clients and stakeholders.
  • Collaborate with project managers, quality management, sales, and other delivery team members to drive customer satisfaction and meet project deliverables.
  • Lead customer-facing meetings including charter/kickoff, periodic status, and project debrief meetings.
  • Provide mentorship and coaching to team members in areas of AppSec-specific penetration testing tradecraft, security consultation, and reporting / presentations.
  • Provide HR administrative duties for team members as required.
  • Work with AppSec Leadership to develop/mature/maintain SOPs and methodologies in support of AppSec products and services.
  • Pursue continuous professional development to maintain a strong depth of knowledge in the practice area.
  • Support the team growth through the hiring interview process, acting as the hiring manager and working with your Director on compensation.
  • Track team utilization against billable targets.
  • Continue to perform direct, billable tasking in any/all application security offerings, including assessments, threat modelling, advisory work, training, and more.
  • Provide Sales Support as necessary and in support of developing skills on a management career path. Additionally, continue to develop yourself as the seasoned technical SME.
  • Primarily remote
  • Ability to travel up to 10% (potentially & during normal circumstances)

What You'll Bring

  • Ability to lead penetration testing projects/team independently for the full project lifecycle
  • Strong understanding of application architecture and Software Development Lifecycles (SDLC)
  • In-depth experience with various testing methodologies and creating custom tools "on-the-fly"
  • Strong working knowledge with tools such as Burp Suite, Postman, SQLmap, etc., as well as commercial, automated Static (SAST) and Dynamic (DAST) solutions
  • Strong working knowledge of at least two programming or scripting languages
  • Strong understanding of API/web services, as well as web, mobile, thick client, and IoT applications
  • Strong understanding of security principles, policies, and industry best practices
  • An aptitude for technical writing, including assessment reports, presentations, and operating procedures
  • Familiarity with Open Web Application Security Project (OWASP), Software Assurance Maturity Model (SAMM), and National Institute of Standards and Technology (NIST) Special Publications
  • Understanding of the essential business practices of a professional consulting organization
  • Significant experience in a consulting/professional services role
  • Significant experience in Application Security or a related role

Bonus Points

  • An advanced degree in an IT-related field
  • Familiarity with Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), and National Institute of Standards and Technology (NIST) Special Publications
  • Knowledge of applied cryptographic protocols
  • OSCP/E, OSWE, OSED, GWAPT, GPEN, or GXPN certification(s)

Why You'll Want to Join Us

At Coalfire, you'll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you'll work most effectively – whether you're at home or an office.

Regardless of location, you'll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You'll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you'll enjoy competitive perks and benefits to support you and your family, like flexible time off, certification and training reimbursement, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity are integral to the way we do business. A reasonable estimate of the compensation range for this role is $94,000 to $163,000 based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.


