Application Engineer 4 (EDR)

Power3 Solutions

Job Location:

Fort Meade, MD - USA

Monthly Salary: Not Disclosed

Posted on: 16 hours ago

Vacancies: 1 Vacancy

Job Summary

We solve difficult business IT and analytic problems by addressing the whole problem not just the symptoms using interdisciplinary approaches that are both practical and innovative. We provide fresh alternatives to ordinary mainstream consulting firms through small highly skilled and hand-picked teams that can meet clients needs in any broad interdisciplinary understanding allows us to provide the right solution even if it is from outside the industry or traditionally defined problem space. We bring Public and Private Civilian and Military expertise to every case.

We are hiring an Application Engineer 4 (EDR) to work in Fort Meade MD. Position location is subjectto change based on central MD clients needs.

Required:TS/SCI with a Polygraph

Description:
Deploy configure test manage and optimize endpoint detection and response solutions across the NSA enterprise. Establish comprehensive Standard Operating Procedures (SOPs) for EDR functionalities and lead training sessions to empower SOC analysts in maximizing platform efficiency and threat visibility.

Essential Duties and Responsibilities:

Responsible to the deployment testing management and optimization of endpoint detection and response solutions.
This role involves deploying configuring testing and monitoring EDR capabilities to traditional on premises and cloud environments.
The ideal candidate should have a strong background in endpoint security cloud applications Windows forensics large enterprise endpoint deployments and SOC analyst support.

Individual Capabilities/Experience Required:

All experience and education will be in a technical field directly related to the labor category being proposed and all diplomas GED certificates and degrees will be from accredited institutions. Twelve (12) years minimum experience and a High School Diploma/GED. Ten (10) years minimum experience and an Associates Degree. Eight (8) years minimum experience and a Bachelors Degree. Six (6) years minimum experience and a Masters Degree. Four (4) years minimum experience and a Doctorates Degree.
EDR Solutions: Proficient in one or more EDR platforms (Trellix HX/EDRF or Microsoft Defender for Endpoint EDR preferably both).
Cloud Applications: Experience with cloud security and familiarity with cloud service providers (AWS or Azure preferably both).
Cloud Security: Experience securing cloud-hosted workloads using EDR solutions and understanding cloud-native security controls and logging (Microsoft Sentinel Microsoft Defender Microsoft Purview AWS CoudWatch AWS CloudTrail AWS GuardDuty or AWS Security Hub).
CCSP Certified Cloud Security Professional certification or equivalent.
Security Operations Center (SOC) Support: Experience supporting SOC functions such as assisting in monitoring training analysts documenting SOPs incident response coordination analysis of security events and process/procedure improvement.
Microsoft Certified: Security Operations Analyst Associate (SOAA) or equivalent.
Network Security: Understanding of network protocols traffic analysis and intrusion detection systems.
CompTIA Security is required
Windows Forensics: In-depth knowledge of Windows operation system internals registry and file system. Familiarity with forensic tools like EnCase FTK or open-source alternatives. SANS Windows Forensic Analysis (FOR500) or equivalent.

Individual Capabilities/Experience Desired:

Threat Hunting: Proactive identification and investigation of potential security threats and anomalies.
Incident Response: Experience in managing and responding to security incidents including containment eradication and recovery.
Security Information and Event Management (SIEM): Familiarity with SIEM systems for log analysis and correlation (e.g. Splunk Elastic Microsoft Sentinel).
Scripting and Automation: Proficient in scripting languages (e.g. PowerShell Python) for automating tasks and workflows.
Certified Information Systems Security Professional (CISSP)
Microsoft 365 Certified: Endpoint Administrator Associate (MD-102)

We have all the PERKS!
You are our most valuable resource your ambition your knowledge yourcreativity. We offer an industry-leading set of benefits to supplement your normalsalary compensation. We have you covered with flexible ways to balancework and home life full health benefit premium coverage and generouscontributions toward your retirement.

Competitive health dental and vision plans with 100% paid premiums.
401k: We contribute 6% even if you dont!
Time Off: 11 standard holidays and 25 days of PTO
Career Development: Get career counseling and individualized career development plans including education and training.
Employee referral bonuses for successful hires

We are anEqual Opportunity/Affirmative Action employer.
We provide equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race color religion age sex national origin disability status genetics protected veteran status sexual orientation gender identity or expression or any other characteristic protected by federal state or local laws.
This policy applies to all terms and conditions of employment including recruiting hiring placement promotion termination layoff recall transfer leaves of absence compensation and training.

Power3 Solutions
Partnering with federal state and local organizations to bring the best talent to the right roles.

Experience:

Responsible to the deployment testing management and optimization of endpoint detection and response solutions.
This role involves deploying configuring testing and monitoring EDR capabilities to traditional on premises and cloud environments.
The ideal candidate should have a strong background in endpoint security cloud applications Windows forensics large enterprise endpoint deployments and SOC analyst support.

Individual Capabilities/Experience Required:

All experience and education will be in a technical field directly related to the labor category being proposed and all diplomas GED certificates and degrees will be from accredited institutions. Twelve (12) years minimum experience and a High School Diploma/GED. Ten (10) years minimum experience and an Associates Degree. Eight (8) years minimum experience and a Bachelors Degree. Six (6) years minimum experience and a Masters Degree. Four (4) years minimum experience and a Doctorates Degree.
EDR Solutions: Proficient in one or more EDR platforms (Trellix HX/EDRF or Microsoft Defender for Endpoint EDR preferably both).
Cloud Applications: Experience with cloud security and familiarity with cloud service providers (AWS or Azure preferably both).
Cloud Security: Experience securing cloud-hosted workloads using EDR solutions and understanding cloud-native security controls and logging (Microsoft Sentinel Microsoft Defender Microsoft Purview AWS CoudWatch AWS CloudTrail AWS GuardDuty or AWS Security Hub).
CCSP Certified Cloud Security Professional certification or equivalent.
Security Operations Center (SOC) Support: Experience supporting SOC functions such as assisting in monitoring training analysts documenting SOPs incident response coordination analysis of security events and process/procedure improvement.
Microsoft Certified: Security Operations Analyst Associate (SOAA) or equivalent.
Network Security: Understanding of network protocols traffic analysis and intrusion detection systems.
CompTIA Security is required
Windows Forensics: In-depth knowledge of Windows operation system internals registry and file system. Familiarity with forensic tools like EnCase FTK or open-source alternatives. SANS Windows Forensic Analysis (FOR500) or equivalent.

Individual Capabilities/Experience Desired:

Threat Hunting: Proactive identification and investigation of potential security threats and anomalies.
Incident Response: Experience in managing and responding to security incidents including containment eradication and recovery.
Security Information and Event Management (SIEM): Familiarity with SIEM systems for log analysis and correlation (e.g. Splunk Elastic Microsoft Sentinel).
Scripting and Automation: Proficient in scripting languages (e.g. PowerShell Python) for automating tasks and workflows.
Certified Information Systems Security Professional (CISSP)
Microsoft 365 Certified: Endpoint Administrator Associate (MD-102)

Competitive health dental and vision plans with 100% paid premiums.
401k: We contribute 6% even if you dont!
Time Off: 11 standard holidays and 25 days of PTO
Career Development: Get career counseling and individualized career development plans including education and training.
Employee referral bonuses for successful hires