Security Operations Administrator
United States
Coalfire
Coalfire is a cybersecurity and compliance services company that works with enterprises and tech businesses in FedRAMP, cloud migration, AI Risk, pen…
Coalfire is on a mission to make the world a safer place by solving our clients' hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.
But that's not who we are - that's just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
POSITION SUMMARY:
Who We Are
Coalfire is on a mission to make the world a safer place by solving our clients' toughest cybersecurity challenges. As a leading cybersecurity solutions provider serving both private and public sector clients, we work at the cutting edge of technology - advising, assessing, automating, and guiding organizations through the ever-changing security landscape. Our professionals thrive on delivering unbiased assessments, expert guidance, and innovative strategies tailored to each client's unique needs.
But that's not who we are - that's just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. Headquartered in Denver, Colorado, with offices across the U.S. and U.K., we support clients around the globe. And we're expanding fast.
Why Join Us
We're looking for a Security Operations Admin to work on our vulnerability management processes, driving compliance and security in cloud-based environments, as well as support our SIEM monitoring and alerting to meet FedRAMP requirements. If you're driven by a desire to innovate, excel at operational excellence, and thrive in a collaborative environment, come be part of a team committed to making the world a safer place.
What You'll Do
- Support and maintain enterprise vulnerability management tools (Tenable, Burp, Microsoft Defender), ensuring timely updates and patches
- Run regular and on-demand scans across operating systems, databases, web applications, and containers, then work with technical teams (for example, SRE and client administrators) to create tickets for remediation
- Track and document vendor dependencies, operational requirements, and open vulnerabilities on a monthly basis, producing clear reports and updates for clients
- Maintain and update SIEM solutions (e.g., Splunk, Sentinel, ELK, LogRhythm, Sumo Logic) to enhance visibility and proactively mitigate cyber threats.
- Build and respond to critical security alerts as part of our incident monitoring process.
What You'll Bring
- 1-2 years' experience in 24x7x365 production security operations
- 1-2 years' experience participating in incident response and analysis activities
- 1-2 years' experience with vulnerability management, compliance monitoring, or related security operations roles
- Hands-on expertise with operating system, database, network, container, web application, and API vulnerability management
- 1+ years of hands-on technical experience supporting cloud operations and automation in Azure, AWS, and/or GCP
- Experience in Information Security with a focus on incident response and security engineering
- Exposure to threat identification using SIEM tools, log sources, and forensics tools and techniques
- Experience with ITSM solutions such as Jira and ServiceNow
- Experience or familiarity with Tenable.sc, Nessus Pro, or Nexpose
- Understanding of regular expression and query languages
- Experience analyzing events or incidents to triage the issue
- Fundamental skills and knowledge of Azure, AWS, or GCP
- Knowledge of vulnerability scanning technologies and methods, including scoring systems (CVSS, CMSS)
- Ability to work efficiently with technical teams to investigate, prioritize, and remediate vulnerabilities
- Familiarity with defining baseline configuration standards (for example, CIS Benchmarks) and reporting on compliance posture
- Exposure to one SIEM platform (e.g., Splunk, Sentinel, ELK, LogRhythm, Sumo Logic) and enterprise antivirus (AV) solutions (e.g., Trend Micro, CrowdStrike, Microsoft Defender).
- Experience working in large scale enterprise environments
- Effective communication, organizational, and documentation skills, with an emphasis on providing timely updates and clear reports to clients
Bonus Points
- Professional services background: Prior experience supporting external clients from within a consulting or professional services organization.
- Automation capabilities: Experience automating workflows in GitLab or GitHub with Terraform and Ansible.
- Configuration baseline standards: Familiarity with CIS Benchmarks, DISA STIG, and other relevant guidelines.
- Compliance frameworks: Understanding of FedRAMP, FISMA, HIPAA, HITRUST, PCI, and similar regulatory standards.
- Security-focused cloud certifications for Azure, AWS, or GCP
- Security+
At Coalfire, you'll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you'll work most effectively - whether you're at home or an office.
Regardless of location, you'll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You'll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you'll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity are integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.
Tags: Ansible Antivirus APIs Automation AWS Azure Cloud Compliance CrowdStrike CVSS DISA ELK FedRAMP FISMA Forensics GCP GitHub GitLab HIPAA HITRUST Incident response Jira LogRhythm Monitoring Nessus Sentinel SIEM Splunk Terraform Vulnerabilities Vulnerability management
Perks/benefits: Career development Competitive pay Flex hours Flex vacation Health care Insurance Parental leave Salary bonus Team events