At RedHelm, we deliver tailored technology solutions designed to support our clients as they grow and to respond immediately when threats arise. Our mission is rooted in partnership, precision, and protection — values that are reflected in our name. RedHelm symbolizes elite protection, decisive leadership, and forward-driven strength, aligning closely with our commitment to excellence in everything we do.
We have a clear vision as an employer: to be the preferred technology employer for skill mastery, team formation, and career longevity. That vision is supported by a strong foundation of core ideals shared by every member of our team. We answer the call in moments of urgency or uncertainty, responding with focus, composure, and dependability. We own it by stepping up, following through, and taking pride in delivering what matters most to our clients and partners. We act with integrity, doing what’s right—not just what’s easy—while contributing to the communities we serve. We continuously raise the bar, bringing discipline, precision, and a drive for improvement to every challenge we face. And above all, we win together, celebrating our shared successes as one united team.
At RedHelm, we don’t just build technology—we build trust, deliver impact, and lead with purpose.
RedHelm is seeking a Senior Security Consultant to support and grow our Offensive Security practice. This is a highly independent role responsible for leading technical engagements, owning client relationships, and delivering advanced application and network security testing. You will serve as a subject matter expert in offensive security, mentor junior consultants, and help clients strengthen their security posture through precise, high-impact assessments and clear, actionable guidance.
Lead and execute advanced offensive security engagements across diverse client environments.
Serve as the primary client relationship owner for web application, mobile application, API, and network penetration testing engagements.
Conduct technical assessments including:
Web application penetration testing
Mobile application penetration testing
API penetration testing
Network penetration testing
Red and Purple Team operations
Social engineering and adversarial threat emulation
Assumed breach assessments
Cloud and IoT security testing
Vulnerability assessments and ethical hacking
Communicate complex findings, risks, and remediation recommendations clearly to both technical and executive stakeholders.
Mentor associates and interns, supporting training and capability development within the team.
Collaborate with Red Team peers to plan and execute multi-stage engagements.
Contribute to the refinement of team methodologies, techniques, and tooling.
Assist in testing and deploying custom offensive security tools designed to support engagement needs.
Ensure adherence to all Information Security policies and privacy requirements, maintaining strict protection of sensitive client data.
Follow operational and security controls to ensure client environments remain secure and protected.
6–9 years of experience in penetration testing, red teaming, and security consulting, with strong capability in:
Web application penetration testing
Mobile application penetration testing
API penetration testing
Network penetration testing
Proven ability to operate independently and lead high-impact technical engagements.
Strong communication skills with the ability to translate complex technical concepts clearly for varied audiences.
Demonstrated passion for offensive security and prior experience in a consulting environment.
Experience with commonly used attack frameworks and tooling (Cobalt Strike, PoshC2, Metasploit, Empire, Core Impact, etc.).
Strong documentation skills with the ability to deliver clear, concise reporting.
Familiarity with security domains such as security architecture, cryptography, identity and access management, network security, and security operations.
Solid understanding of vulnerabilities and mitigations aligned with OWASP Top Ten and CWE Top 25.
Ability to think and operate like an adversary in both remote and onsite engagements.
OSCP, OSCE, OSWE, CISSP, GPEN, GXPN, or other relevant offensive security certifications.
Classification: Full-time, Exempt Location: Fully Remote
Level: Technical Level IV (Senior Security Consultant)
Department: Offensive Security
Reports to: VP of Offensive Security