Build Your Career in Cybersecurity -
YOUR WAY

About Coalfire

​

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.

​

But that’s not who we are – that’s just what we do.

​

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

​

Coalfire’s AppSec team is composed of highly specialized application security testers. Not only are we ethical hackers, but trusted advisors, where true consultancy shines through. At Coalfire, we take pride in being a partner to our clients. On our AppSec team, you work individually, but also in large groups depending on engagements. Come join our fun team where you can showcase your abilities, deepen your technical skills, expand your knowledge, be mentored while mentoring others, and have a great time while doing it.

• Perform application security assessments using penetration testing, threat modeling, and code review techniques.
• Identify and remediate security vulnerabilities in web applications, APIs, cloud environments, and enterprise systems.
• Conduct API security testing (SOAP, REST, GraphQL) and evaluate authentication/authorization mechanisms.
• Analyze network security controls, including firewalls, SSL/TLS, encryption, and VPN configurations.
• Collaborate with development teams to integrate security into the Secure Development Life Cycle (SDLC).
• Conduct code reviews across various languages to identify security flaws and vulnerabilities.
• Work with cloud security testing methodologies and ensure compliance with security standards.
• Provide clear, well-written reports with actionable recommendations.
• Consult with clients to explain findings, address security concerns, and provide remediation guidance.
• Support mentorship and knowledge sharing within the team.
• Lead and support penetration testing projects from start to finish.
• Contribute to thought leadership through blog posts, conference talks, and R&D initiatives.
• Stay up to date with security policies, industry best practices, and emerging threats.

Required Qualifications:

• A sense of humor and a good collection of memes and GIFs!
• Strong knowledge of OWASP Top 10 and ability to explain vulnerabilities and attack vectors.
• Hands-on experience with web application security testing and exploits.
• Proficiency in Linux, VMWare, and GitHub for security assessments.
• Working knowledge of popular web technologies like .NET, Java EE, Node.js, Rails, or JavaScript.
• Familiarity with code scanning and dynamic analysis tools.
• Expertise in API security testing and protocol handling.
• Experience working with cloud security principles (AWS, GCP, Azure).
• Understanding of IAM policies and security configurations in cloud environments.
• Strong problem-solving and critical-thinking skills.
• Ability to work independently and collaborate with teams effectively.
• Strong time management and ability to meet deadlines.
• Excellent verbal and written communication skills—able to explain findings to technical and non-technical stakeholders.
• Open to constructive feedback and continuous learning.
• A passion for mentorship and knowledge sharing.
• A client-centric mindset with a high level of professionalism and collaboration.
• Bachelor’s degree (four-year college or university) or equivalent combination of education and work experience.

​

Preferred Qualifications:

• Experience with AWS security concepts (IAM, STS, security controls, serverless architectures).
• Hands-on experience with AWS services like S3, SQS, SNS, Lambda, and API Gateway.
• Familiarity with DevSecOps, CI/CD security, and infrastructure automation.
• Experience in mobile security (iOS/Android) and IoT testing.
• Deep understanding of network and host-based penetration testing methodologies.
• AWS Cloud Practitioner
• AWS Certified Security – Specialty
• Offensive Security Certified Professional (OSCP)

$126,000 - $138,000 a year

​

The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

​

Why You’ll Want to Join Us

​

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

​

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

​

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.

Senior Security Content Engineer

​

Senior Security Content Engineer needed in New York, NY to assist our global customers manage their deployments and Azure cloud security solutions.

• Derive security insights through generating detection logic, automation and visualizations.
• Ideate and create client-facing detections to surface security and IT operations concerns.
• Collaborate with clients to design and implement visualizations to assist with understanding security posture, interesting events, and operations metrics.
• Test and tune detection logic to minimize false positives, alert duplication, and whitelisting.
• Identify opportunities for client-specific needs to become base content, including rules, automations, and dashboards.
• Identify opportunities for log content reduction and removal irrelevant events.
• Deliver functional value resulting from research in the form of queries, signatures, rules, and contextual information.
• Advancement of security policies, procedures, and automation.
• Serve as the technical escalation point.
• Communicate with customer IT teams to inform them of issues, help them remediate, and ensure that they continue to operate business as usual.
• Signature writing /algorithm creation. Analyze event logs and recognize signs of cyber intrusions/attacks.
• Use Microsoft Azure Sentinel, Defender ATP, O365 ATP, and other Microsoft security suites.
• Develop, automate, and orchestrate tasks with logic apps based on certain events.
• Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks.
• Advise on the Microsoft Cloud Security capabilities across the Azure platform.
• Use Kusto Query Language and scripting languages (Python, PowerShell, BASH and others).
• Digital forensic analysis (host, network, other). Use knowledge of network protocols and devices.
• Use Wireshark, TCP Dump, Security Onion, and Splunk. Use SIEM, Packet Analysis, SSL Decryption, Malware Detection, HIDS/NIDS, Network Monitoring Tools, Case Management System, Knowledge Base, Web Security Gateway, Email Security, Data Loss Prevention, Anti-Virus, Network Access Control, Encryption, Vulnerability Identification.
• Use knowledge of intrusion analysis, digital forensics, penetration testing, detection engineering.
• Use .Net programming, jupyter notebooks, and scripting/ development using web APIs.

Experience and Education Required:

​

• Bachelor’s degree in Computer Science plus two years of experience in the job offered or a similar occupation or a HS degree plus four years of experience in the job offered or a similar occupation.

Option to Telecommute.

Salary: $125,500.

Send resume to: S Sharma, BlueVoyant Management LLC, 6 East 45th Street, Floor 17, New York, NY 10017.

​

BlueVoyant Candidate Privacy Notice

​

To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice

Summary

​

Binary Defense is seeking a Senior Security Automation Engineer to join our team.

​

This role is critical in helping the organization reach its Security Orchestration Automation and Response (SOAR) development roadmap goals supporting enabling our Security Operations team to efficiently protect a growing customer base in a 24x7x365 environment. The Senior Security Automation Engineer will design, develop, test, and maintain an ever-evolving SOAR implementation providing an effective, high quality, and scalable technology solution for the Binary Defense SOC to support our customers.

​

This Senior level position is designed for an individual who is ready to take on leadership responsibilities and push the boundaries of what's possible with a SOAR implementation. If you are passionate about making a significant impact and driving technical excellence, we encourage you to apply.

​

Company Overview

​

Binary Defense is a trusted leader in security operations, supporting companies of all sizes to proactively monitor, detect, and respond to cyberattacks. The company offers a personalized Open XDR approach to Managed Detection and Response, advanced Threat Hunting, Digital Risk Protection, Phishing Response, and Incident Response services, helping customers mature their security program efficiently and effectively based on their unique risks and business needs.

​

With a world-class 24/7 SOC, deep domain expertise in cyber, and sophisticated technology, hundreds of companies across every industry have entrusted Binary Defense to protect their business. Binary Defense gives companies actionable insights within minutes not hours, confidence in their program to be resilient to ever-changing threats, and the time back that matters most to their business.

​

Binary Defense is also the Trusted Cybersecurity Partner of the Cleveland Browns and partners with PGA TOUR players.

• Effectively collaborate within a technology delivery team to:
• Deliver world-class security solutions of the highest quality utilizing modern software engineering practices.
• Define, design, estimate, plan, & execute on business requirements in partnership with Product Management, internal stakeholders, & customers.
• Write high-quality, well-tested code.
• Develop and implement automations, dashboards, correlations and playbooks improving the quality of detection and response.
• Systematically troubleshoot production issues and deliver timely resolutions.
• Continuously improve self, team, and the larger organization, as well as the tools and processes for delivering and supporting technology to enable the Binary Defense SOC.

Required Qualifications

​

• Computer Science, Software Engineering, or similar degree. Equivalent real-world experience would be acceptable in lieu of degree.
• At least 5 years of hands-on system engineering experience on security platforms (SIEMs, EDRs, SOARs, etc.).
• Experience in Palo Alto XSOAR (Demisto), Google SecOps, D3 or other SOAR platforms.
• Proficiency in scripting languages such as Python, PowerShell, and JavaScript.
• Passion for security automation and understanding of security incident response.
• Knowledge of security frameworks including MITRE ATT&CK, NIST, etc.
• Experience and advocate for working in an environment with CI/CD, Test Automation, and Monitoring.
• Experience with GIT or other version control systems.
• Experience with incremental delivery of features as part of a Software Development Life Cycle.
• Experience successfully working with distributed teams.
• Candidate must be able to obtain legal employment in the US. No visa sponsorship.

Preferred Qualifications

​

• Strong critical thinking, analytical, and problem-solving skills.
• Outstanding written and verbal communication skills.
• Continuous learner – ability and motivation to quickly learn & deliver value with new technologies.
• Relevant security certifications (e.g., CISSP, Security+, etc.) are a plus

Binary Defense offers competitive medical, dental and vision coverage for employees and dependents, a 401k match which vests every payroll, a flexible and remote friendly work environment, as well as training opportunities to expand your skill set (to name a few!). If you’re interested in joining a growing team with great perks, we encourage you to apply!