Endpoint Security Engineer Lead (CrowdStrike)

Leidos has an immediate need for a lead Endpoint Security Engineer for a customer on a highly visible and strategic Cybersecurity Task Order. The Security Engineer will need to be a self-starter with excellent analytical and problem-solving skills flexibility good judgment and the ability to coordinate multiple concurrent tasks in an effective manner. This individual will work with internal team members to ensure that systems are functional secure and scalable. The Security Engineer will support the design and development of cybersecurity tools and technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide systems and networks.

Primary Responsibilities:

• Technical Leadership: Serve as the primary technical authority for CrowdStrike guiding the team on best practices and technical standards.
• Deployment and Management: Oversee the deployment and maintenance of CrowdStrike agents to ensure full coverage across all endpoints.
• Incident Response: Lead and participate in the investigation and response to security incidents detected by CrowdStrike.
• Threat Hunting: Perform threat hunting conduct malware analysis and help refine detection logic in collaboration with the SOC.
• Integrations: Integrate the CrowdStrike platform with other security tools such as SIEM/SOAR platforms using scripting languages like Python and PowerShell.
• Mentorship: Mentor and guide junior engineers on technical standards processes and procedures.
• Strategy and Compliance: Ensure the endpoint security strategy aligns with enterprise goals and that all solutions meet regulatory and compliance standards.
• Automation: Identify and implement opportunities for automation to streamline security operations.
• Documentation: Maintain up-to-date documentation standard operating procedures (SOPs) and knowledge base articles.
• Manage multiple assignments changing priorities and work independently with little oversight
• Work closely with senior engineers other team members and application owners to solve technical problems at the network system and application levels
• Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required
• Deploy CrowdStrike Falcon Endpoint Detection and Response (EDR) detection agent up to 4K devices.
• Reduce risk by ensuring coverage of malware detection for in-scope CrowdStrike EDR Agent capable devices.
• Optimization of EDR solution including refinement data produced development of automated workflows or playbooks and integration of the EDR data with Enterprise solutions including SIEM solutions.
• Configuring CrowdStrike cloud-hosted SaaS Solution to manage policies control reporting data manage and respond to threats.
• Experience in backend solution day to day system admin and monitoring file system management and disk management and creation of shell scripts for the automation of tasks and the extraction of logs
• Provide follow-up reports (technical findings feedback resolution steps taken) for Root Cause analysis engineering technical assessment and process improvement initiatives

Basic Qualifications:

• BS degree in Science Technology Engineering or related field and 8-10 years of prior relevant experience with a focus on cybersecurity OR Masters with 6-8 years of prior relevant experience.
• Experience leading cross-functional security initiatives and managing small teams or projects.
• Extensive hands-on experience with the CrowdStrike Falcon platform including multiple modules (e.g. EDR FIM Identity Protection Data Protection).
• Expertise in endpoint security concepts and incident response processes.
• Proficiency in scripting languages like Python PowerShell or Bash for automation and custom response actions.
• Strong knowledge of security frameworks like NIST or MITRE ATT&CK.
• Experience with SIEM integrations and threat analysis.
• Solid understanding of operating systems (Windows Linux macOS).
• Superior attention to detail with excellent written and verbal communication skills.
• Excellent problem solving research and follow-up skills.
• Self-motivation and ability to work independently.
• Ability to obtain an Entry of Duty (EOD) Public Trust.
• Candidate must at a minimum meet one of these certifications: CrowdStrike certifications (e.g. CCFR CCFP).

Preferred Qualifications:

• Experience automating management tasks with Ansible Puppet or Chef
• Experience working with SIEM tools such as Splunk to ingest normalize store and maintain data from endpoint network and application sourcetypes.
• Experience working in AWS and Azure
• Experience with Wiz Sepio TVM and Nucleus is a plus

If youre looking for comfort keep scrolling. At Leidos we outthink outbuild and outpace the status quo because the mission demands it. Were not hiring followers. Were recruiting the ones who disrupt provoke and refuse to fail. Step 10 is ancient history. Were already at step 30 and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.