• 
  Monitor security operations in a mixed Windows and Linux environment across multiple enclaves
• Conduct infrequent digital forensics and contribute to process development
• Assist with detection development and testing using publicly posted information and tools such as Atomic Red Team
• Operate endpoint detection and response tools including managing exceptions and alerts
• Incorporate threat intelligence into incident response through tools such as Yara scanning
• Assist with audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
• Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
• Ensures quality products and services are delivered on time.
• Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
• Develop strong working relationships across the IT program to facilitate smooth operations and incident response activities
• Provides advice to customers on industry best practices and areas for continued improvement

• An Active Top-Secret Clearance and on-site presence is required for this role.
• At least Five (5) years’ related experience providing support to implementing an organization’s information security program and related SOC experience
• The ability to support and be flexible with a small team, and work independently as needed with interest to learning and growing into the role
• Expertise in security operations and vulnerability management
• Maintains strong depth of knowledge in one or more cybersecurity frameworks.
• Familiarity with Department of Defense STIGs and standard operating procedures associated with operating an air-gapped network
• Understanding of Windows infrastructure and communication components
• Basic understanding of Linux
• Familiarity with web applications and awareness of web application vulnerability assessments
• At least one information security certification, such as Security+, CEH, or GCIH

• Cyber Engineering background
• Splunk experience and / or certification
• ACAS, Nessus, or Tenable training
• Familiarity with an Endpoint Detection and Response tool such as HBSS, Carbon Black, or Cylance Optics
• Familiarity with a Network Based Intrusion Detection system
• Familiarity with the Purple Team Lifecycle and continuous process improvement
• Experience or certification in digital forensics, such as ACE, EnCase, or Autopsy

Our people make Coalfire great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve. Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. We’re connected by our desire to innovate and our goal of helping to make the world a more secure place.

Coalfire’s high energy, challenging, and fast-paced work environment will keep you engaged and motivated. Work-life balance is a core priority at Coalfire – we work hard and we play hard, and the two often overlap. We host family-friendly events and happy hours along with professional meetups and informal networking sessions, and we’re active in our communities. Plus, we offer great benefits, including:

• Health, dental, and vision insurance with an employer contribution
• Flexible paid time off (employees are encouraged to spend four weeks away from the office each year)
• A generous 401(k) plan
• A corporate wellness program
• Tuition reimbursement
• Certification reimbursement
• Learning and Development
• Cultural and Social Initiatives