Principal, SecOps

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Are you a skilled engineer with a passion for hands‑on problem‑solving and team leadership? We are seeking a Security Operations Principal to oversee Security Operations in SIEM management, continuous monitoring, and vulnerability management services.

In this role, you will balance hands‑on technical responsibilities with team management, working closely with engineers to solve complex issues while gradually building leadership capacity.

You will act as a technical escalation point and collaborate with other internal teams to ensure operational excellence and continuous improvement.

If you enjoy rolling up your sleeves to tackle technical challenges while mentoring a growing team, this role offers the perfect opportunity to combine both skillsets and grow your leadership career.

• Act as the primary technical escalation point for complex operational issues, ensuring quick and effective resolutions.
• Maintain and optimize critical systems, including SIEM platforms (e.g., Splunk, ELK, Sumo Logic, Sentinel), Anti‑Virus tools (Trend Micro Deep Security Manager, Microsoft Defender, Crowdstrike) and vulnerability management tools (e.g., Nessus, Qualys, Burp).
• Monitor and improve the team’s use of automation and monitoring tools to drive operational efficiency.
• Analyze and resolve system performance issues, ensuring compliance with security and operational standards.
• Participate in incident response and post‑mortem analysis to identify root causes and prevent recurrence.
• Mentor and support the professional growth of engineers through training, feedback, and career development planning.
• Assist with hiring, onboarding, and retention to ensure team stability and growth.
• Oversee day‑to‑day delivery of security services, ensuring operational consistency and high‑quality outcomes.
• Track and optimize key metrics such as incident response times, operational efficiency, and compliance posture.
• Develop and refine processes for incident response, vulnerability remediation, and compliance reporting.
• Work with cross‑functional teams, including consulting teams, SREs, and professional services teams, to improve service delivery.

• 7+ years of hands‑on experience in technical roles, such as engineering or operations.
• Proven ability to manage operational processes and handle escalations.
• Experience balancing individual contributor work with oversight.
• Strong technical expertise with SIEM platforms (e.g., Splunk, ELK, Sumo Logic) and vulnerability management tools (e.g., Nessus, Qualys, Burp).
• Proven ability to troubleshoot and resolve complex technical issues in high‑pressure environments.
• Hands‑on experience with cloud platforms (AWS, Azure, or GCP) and their associated security practices.
• Solid understanding of security compliance frameworks (e.g., FedRAMP, SOC, HIPAA).
• Ability to mentor and guide team members while contributing to technical solutions.
• Strong written and verbal communication skills, particularly in documenting and sharing technical insights.
• Familiarity with IT frameworks such as ITIL or TOGAF.
• Basic experience with automation tools (e.g., Terraform, Ansible).
• Experience with Anti‑Virus tools (e.g., Trend Micro DSM, Crowdstrike, Microsoft Defender).
• Experience with Agile delivery practices or lightweight project management tools.

• Certifications in cloud platforms (AWS, Azure, GCP) or security tools (e.g., Splunk, Nessus) are preferred but not required.

• Bachelor’s degree (four‑year college or university) or a equivalent work…