Senior Consultant, Human Threats

Job Description

• About Coalfire Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world. But that’s not who we are – that’s just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. Position Summary: The Human Threats Senior Consultant will work as part of a team assessing the security posture and human-centered detection and response capabilities of client firms against social engineering, insider risk, physical security, and other human-centric attack methods. This role will have an expert level understanding of social engineering tactics, phishing and vishing methodologies, pretext development, human risk assessment, awareness and behavior measurement, and adversary tradecraft targeting people, processes, and technology. They will work closely with the Managing Principal of Human Threats, Project Managers, Directors, and client Points of Contact to effectively meet project timelines and requirements. The Senior Consultant is a technical and strategic leader and mentor with broad and deep consulting skills, meeting the objectives of their engagements, collaborating with clients, mentoring junior teammates, and providing subject matter expertise across two or more human threat domains. The Senior Consultant is a trusted advisor to clients, and through objective testing, assessment activities, and results reporting, supports the client in making well-informed, risk-based decisions to improve overall security posture and resilience against human-centric threats.
• What You'll Do Conduct human threat engagements including social engineering, phishing, vishing, physical assessments, and human risk evaluations. Prepare, review, and approve Human Threat reports to meet quality requirements. Manage priorities and tasks to achieve delivery utilization targets. Advise clients on all testing and assessment activities in a timely and professional manner. Ensure client deliverables and services are delivered on time. Continuous professional development in maintaining industry specific certifications and staying current on emerging human threat tactics and trends. Establish and maintain positive collaborative relationships with clients and stakeholders. Identify up-sell and cross-sell opportunities and escalate to sales. Collaborate with project managers, quality management, sales, and other delivery team members to drive customer satisfaction and meet project deliverables. Mentor junior consultants in social engineering tradecraft, client communications, reporting, and engagement execution. Contribute to the development and refinement of Human Threat methodologies, tooling, playbooks, and service offerings. Contribute to thought leadership through research, blogs, whitepapers, webinars, and conference presentations on human threat, and related security topics. Support the development of the Human Threat practice through original research, service innovation, and externally facing industry content. Represent the Coalfire at industry events, client briefings, and conferences as a subject matter expert. Contribute to other offensive security engagements, as needed, based on business demand, skillset alignment, and delivery priorities when not assigned to Human Threat assessments. Perform other responsibilities as needed in support of client delivery, practice development, and team success.
• What You'll Bring 5 - 8 years client-facing consulting experience 3 - 5 years experience in social engineering, red team, insider risk, physical security Demonstrated expertise of: Social engineering principles and techniques Phishing, vishing, smishing, and other communication-based attack methods Pretext development and adversary emulation against human targets Human risk assessments and behavior-based security evaluations Report writing and client presentation delivery Demonstrated knowledge of: Current threat actor tactics, techniques, and procedures involving human targets Physical security concepts and badge/access control weaknesses Email security controls, identity-based attacks, and user-targeted attack paths Security awareness, culture, and behavior change principles Ability to travel up to 25% Strong writing skills and personal accountability Ability to complete work to standards without direct supervision Time management Demonstrated ability to communicate complex security concepts through written content, client presentations, and public speaking. Excellent communication and presentation skills.
• Bonus Points Knowledge of physical red team tactics and techniques. Executive protection or executive-targeted social engineering scenarios. Behavioral science, psychology, or influence-based training. Threat intelligence related to social engineering campaigns and threat actor tradecraft. Advanced social engineering - AI-based social engineering, phishing, pretext calling, impersonation campaigns. Insider risk program development. Training content development and workshop facilitation. Hardware, badge, or access-control related social engineering experience. Published research, blogs, whitepapers, or conference presentations related to social engineering, human threat, or offensive security.
• $146,000 - $180,000 a year The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
• Why You’ll Want to Join Us At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office. Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options. At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at [email protected].
• We may use artificial intelligence (AI) tools to support parts of the hiring process, such as analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
• apply for this job