Senior Security Consultant | Offensive Security

RedHelm is seeking a Senior Security Consultant to support and grow our Offensive Security practice. This is a highly independent role responsible for leading technical engagements, owning client relationships, and delivering advanced application and network security testing. You will serve as a subject matter expert in offensive security, mentor junior consultants, and help clients strengthen their security posture through precise, high-impact assessments and clear, actionable guidance.

• Lead and execute advanced offensive security engagements across diverse client environments.

• Serve as the primary client relationship owner for web application, mobile application, API, and network penetration testing engagements.

• Conduct technical assessments including:

  • Web application penetration testing

  • Mobile application penetration testing

  • API penetration testing

  • Network penetration testing

  • Red and Purple Team operations

  • Social engineering and adversarial threat emulation

  • Assumed breach assessments

  • Physical breach assessments

  • Cloud and IoT security testing

  • Vulnerability assessments and ethical hacking

• Communicate complex findings, risks, and remediation recommendations clearly to both technical and executive stakeholders.

• Mentor associates and interns, supporting training and capability development within the team.

• Collaborate with Red Team peers to plan and execute multi-stage engagements.

• Contribute to the refinement of team methodologies, techniques, and tooling.

• Assist in testing and deploying custom offensive security tools designed to support engagement needs.

• Ensure adherence to all Information Security policies and privacy requirements, maintaining strict protection of sensitive client data.

• Follow operational and security controls to ensure client environments remain secure and protected.

• 6–9 years of experience in penetration testing, red teaming, and security consulting, with strong capability in:

  • Web application penetration testing

  • Mobile application penetration testing

  • API penetration testing

  • Network penetration testing

• Proven ability to operate independently and lead high-impact technical engagements.

• Strong communication skills with the ability to translate complex technical concepts clearly for varied audiences.

• Demonstrated passion for offensive security and prior experience in a consulting environment.

• Experience with commonly used attack frameworks and tooling (Cobalt Strike, PoshC2, Metasploit, Empire, Core Impact, etc.).

• Strong documentation skills with the ability to deliver clear, concise reporting.

• Familiarity with security domains such as security architecture, cryptography, identity and access management, network security, and security operations.

• Solid understanding of vulnerabilities and mitigations aligned with OWASP Top Ten and CWE Top 25.

• Ability to think and operate like an adversary in both remote and onsite engagements.

OSCP, OSCE, OSWE, CISSP, GPEN, GXPN, or other relevant offensive security certifications.

Classification: Full-time, Exempt Location: Fully Remote

• Level: Technical Level IV (Senior Security Consultant)

• Department: Offensive Security

• Reports to: VP of Offensive Security