Coalfire

Coalfire

Coalfire is a cybersecurity advisor that helps organizations avert threats, reduce risk, and turn security into a competitive advantage, fueling their success.

Internet Software & Services
251-1K
Founded 2001
$9M raised

Description

  • Maintain and support SIEM platforms in AWS, Azure, and GCP environments to meet continuous monitoring and compliance requirements.
  • Manage log collection infrastructure, including forwarders, collectors, and ingestion pipelines across hybrid environments.
  • Tune SIEM performance, storage, retention settings, and licensing under operational guidelines.
  • Develop, tune, and maintain detection rules, correlation searches, alerting logic, custom parsers, and field extractions.
  • Reduce false positives through rule tuning, baseline analysis, and ongoing detection improvements.
  • Monitor SIEM alerts, investigate security events, and support incident response and threat hunting activities.
  • Contribute to detection and response playbooks, operational procedures, architecture documentation, and runbooks.
  • Troubleshoot SIEM ingestion, parsing, and performance issues and help onboard new log sources.
  • Collect SIEM control evidence and artifacts for audits and 3PAO assessments and ensure configurations meet required controls.
  • Collaborate with infrastructure, application, and cross-functional teams, provide guidance to junior team members, and support process automation and improvement initiatives.

Requirements

  • 3+ years of hands-on systems engineering and architecture experience, including requirements definition, architecture development, use-case/story creation, and systems integration/testing.
  • 3+ years of cloud experience in architecture, design, implementation, operations, and automation with AWS, Azure, or GCP.
  • Proven expertise with SIEM platforms such as Splunk, Sentinel, ELK, LogRhythm, or Sumo Logic.
  • Experience with enterprise antivirus solutions such as Trend Micro, CrowdStrike, or Microsoft Defender.
  • Understanding of AWS, Azure, or GCP platform capabilities, ideally as a Cloud Architect, Cloud DevOps Engineer, or Cloud Security Engineer.
  • Experience working in Agile environments with technical teams of three or more people.
  • Excellent communication, organizational, problem-solving, and documentation skills.
  • Ability to work both independently and collaboratively in fast-paced, dynamic environments.
  • Demonstrated experience delivering end-to-end SIEM solutions in large-scale or high-compliance environments and integrating multiple security tools into an enterprise monitoring solution.
  • Experience working under regulatory or industry frameworks such as FedRAMP, HIPAA, or PCI.
  • Splunk Enterprise Certified Admin, SumoLogic Administration, or Microsoft Security Operations Analyst Associate certification.
  • One of the following cloud certifications: AWS Solutions Architect Professional, AWS DevOps Engineer Professional, Azure Solutions Architect Expert, or GCP Cloud Architect.
  • Bachelor's degree or equivalent work experience.
  • US citizenship is required due to client contractual requirements.
  • Preferred: consulting or professional services experience supporting external clients.
  • Preferred: automation experience with GitLab or GitHub, Terraform, and Ansible.
  • Preferred: experience with serverless and microservices architectures.
  • Preferred: familiarity with CIS Benchmarks, DISA STIG, SSL, PKI, FedRAMP, FISMA, HIPAA, HITRUST, PCI, and similar frameworks.
  • Preferred: Splunk Enterprise Certified Architect or Splunk Certified Automation Developer.

Benefits

  • $78,000 to $135,000 annual salary range.
  • Eligibility for annual incentive, commission, and/or recognition programs.
  • Flexible work model with the option to work from home or an office.
  • Paid parental leave.
  • Flexible time off.
  • Certification and training reimbursement.
  • Digital mental health and wellbeing support membership.
  • Comprehensive insurance options.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Senior Go Security

Coforge 10K-50K IT Services

Coforge is hiring a Senior Go Security engineer in Costa Rica to build and improve a cybersecurity platform’s backend and cloud-native services.

BDD CI/CD Cybersecurity Docker GCP Generative AI GitOps Go gRPC Kafka Kubernetes LLM Microservices Penetration Testing REST API
17 hours, 9 minutes ago

Senior Infrastructure & Security Engineer

nuview.space 1-10 Wireless Telecommunication Services

NuView IT is seeking a Senior Network/Cloud/Systems Engineer to provide Tier 3 technical delivery, escalation support, and security-focused infrastructure services across client environments.

Active Directory Azure CrowdStrike HIPAA Windows Server
17 hours, 9 minutes ago

Senior Go Security

Coforge 10K-50K IT Services

Coforge is hiring a Senior Go Security engineer in Peru for a remote role focused on building and delivering backend systems for a cybersecurity platform.

BDD CI/CD Cybersecurity Docker GCP Generative AI GitOps Go gRPC Kafka Kubernetes LLM Microservices Penetration Testing REST API
17 hours, 24 minutes ago

Network Security Operations Engineer

Coforge 10K-50K IT Services

Hands-on Network Security Engineer role at a company operating enterprise firewall, proxy, and VPN infrastructure to keep security controls reliable, compliant, and continuously optimized.

Active Directory Ansible Cisco Fortinet IDS IPS Palo Alto SIEM Terraform TLS
17 hours, 24 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers