Senior Security Engineer; SIEM

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

As Senior Security Engineer (SIEM engineer) at Coalfire within our Cloud Services group, you will be a self-starter, passionate about cloud security, and thrive on problem-solving. You will provide operational support of Vulnerability Management processes for clients with regulatory compliance requirements. The Cloud Services team is responsible for identifying, assessing, and managing threats, vulnerabilities, and associated risks to clients’ information assets and resources.

You will work within major public clouds and best‑of‑breed tools, utilizing your technical abilities to monitor vulnerabilities and recommend remediation or resolution.

• Join a highly collaborative security operations team delivering vulnerability management services to Cloud Service Providers, and other organizations operating highly regulated environments.
• Review vulnerabilities and data from various sources (e.g., penetration testing, vulnerability scanning) across different technologies and environments to assess the risk level to business assets.
• Conduct recurring and on‑demand OS/DB & Web scanning activities for multiple customer environments.
• Build, configure, and manage vulnerability management tools within customer environments, serving as the subject matter expert for vulnerability management queries.
• Assist customers with scanning their Fed Ramp environment, establishing standards, and managing false positives and exceptions.
• Utilize customer scan data to create a Plan of Action and Milestones (POAM) for regular delivery to customers.
• Communicate with internal management to provide insights into the current risk posed by vulnerabilities in customer environments and proposed remediation strategies.
• This position will be the liaison between the vulnerability management team and various SRE teams and customer teams and must be able to provide technical remediation details or workarounds, help track and identify asset inventory, log work tickets and exceptions and research vulnerability findings.
• Develop and maintain standard operating procedures, training documents, technical documentation, and troubleshooting guidelines for security solutions.
• Configure and troubleshoot scanning devices and resolve agent & authentication issue.
• Implement technical solutions to automate repetitive tasks.
• Provide guidance, instruction, and thought leadership to clients and team members.
• Manage and follow up on tickets and customer requests.
• Work independently and with vendors’ professional services to diagnose and troubleshoot any issues with vulnerability assessment tools.
• Provide oversight and orchestrate key parties from Coalfire and client teams during escalations with a focus on expedited resolution.
• Provide analysis of Information Security vulnerabilities and determine true or false positive, and work with appropriate teams for remediation.
• Analyze identified vulnerabilities to identify false positives or environmental factors that affect the risk scoring and ensure the POAM is updated to reflect that analysis.

• Previous experience supporting clients from within a managed service organization.
• Experience with ITSM solutions such as Jira and Service Now and delivering to SLAs.
• 4-6 years of related experience in professional services, vulnerability management, and compliance monitoring.
• Must be skilled in web application testing, API testing, and network testing.
• Prior experience working with Burp Suite Professional, or other similar DAST tools.
• Proficiency in scripting, such…