Crowdstrike Cybersecurity System Engineer

Covetrus
Tennessee
$78.6K-$146K a year
Remote
Full-time
We are sorry. The job offer you are looking for is no longer available.

Covetrus Global Cybersecurity Team seeks a highly skilled Security System Engineer with extensive hybrid-cyber experience both in infrastructure and endpoint management.

The ideal candidate will have a deep understanding of cloud workload architecture as well as traditional workstation and server endpoints.

The Cyber Team Engineer is responsible for helping to define, drive, and deliver major components of Covetrus’ endpoint security strategy.

The candidate will serve as the key subject matter expert across all endpoint security projects and will have the opportunity to interact with multiple technology teams across our global technology organization to research, engineer, test, implement, communicate, and maintain solutions supporting the security posture.

This critical position facilitates, implements, and troubleshoots solutions to challenging problems facing Covetrus itself and our partner community.

Crowdstrike experience is mandatory.

ESSENTIAL DUTIES AND RESPONSIBILITIES

  • Function as a subject matter expert for one or more technology areas supported by the SOC, including EDR, patching, and device management.
  • Function as an escalation point for investigations from Level I (L1) analysts requiring assistance / further investigation.
  • Develop and implement network security measures to safeguard against unauthorized access, data breaches, and other cyber threats.
  • Install and configure software and hardware components as required to support the organization's IT infrastructure from a cybersecurity standpoint.
  • Collaborate with cross-functional teams to define requirements, evaluate technology solutions, and implement best practices for endpoint and directory services.
  • Help advance security operations technologies and processes through integration of threat detection and protection solutions.
  • Automate routine tasks and processes using scripting languages, such as PowerShell, to streamline operations and enhance efficiency.
  • Provide technical guidance and mentorship to junior team members, fostering a culture of knowledge sharing and continuous improvement.
  • Stay updated on emerging technologies, industry trends, and best practices in endpoint management and Active Directory administration.
  • Implement security solutions for AWS / Azure cloud environments including IAM, posture management, workload protection, and SIEM / SOAR
  • Analyze and adjust security controls and safeguards to compliance requirements for a cloud environment.
  • Monitor internal and external systems for security threats and respond to alerts.
  • Implement security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
  • Participate in security review for Covetrus architecture design and infrastructure changes.

QUALIFICATIONS :

Education and / or Experience Required

  • Bachelor’s degree in computer science, Information Systems, or equivalent education or work experience
  • 5+ years experience with Endpoint Protection (EDR) platforms such as : CrowdStrike Falcon, Tanium, MDE / MS Defender, Symantec Endpoint Protection, Sentinel One
  • Extensive deployment and troubleshooting knowledge of Endpoint Detection and Response tools (e.g., Carbon Black, CrowdStrike)
  • 3+ years’ experience related to workload / container protection architectures in an environment with AWS / Azure / GCP
  • 3+ years’ experience working with the various Azure security tools / platforms such as Azure AD, Sentinel, Defender, Entra, Purview, or similar in other platforms.
  • 3+ years of IDP experience (Microsoft, Okta, Crowdstrike, etc.)
  • 2+ years experience collaborating with Security Operations Centers (SOCs), Incident Response teams, Cyber Threat Intelligence
  • Continuous monitoring to learn the behavior of all users, service accounts and devices to identify and prevent risky activity and potential threats using CrowdStrike Identity Protection (ITDR).
  • Detecting and preventing compromised credentials, attackers impersonating devices or service accounts, ransomware, lateral movement attacks, malicious insiders, and more
  • Monitoring live traffic using CrowdStrike Identity Threat protection module for identity based attacks and anomalies
  • Deploying the CrowdStrike Falcon agent across the organization, including IOC management (allow or block IOCs)
  • Familiarity with Microsoft Endpoint (Intune) administration for managing endpoints and enforcing security policies
  • Experience with systems management and automation including a basic understanding of Group Policy, WSUS and automation services
  • Experience configuring APIs and web services

Education and / or Experience Preferred

  • Solid understanding of Windows / Unix / Linux operating systems
  • Active Directory and Microsoft 365 technical proficiencies
  • DevOps experience in scripting languages (Powershell, Python, Perl, or Bash for automation)
  • Experience with many tools and techniques like risk assessment, threat modeling, and cybersecurity to detect and analyze the threats
  • Hands-on experience analyzing high volumes of logs, network data and other attack.
  • Identity Access and Management concepts, multifactor authentication, SSO / Federation
  • Privileged Access Management key concepts
  • Experience with other security monitoring or data collection platforms, such as : Cloudflare, Proofpoint, Gigamon, Red Canary, Expel, ThreatInsight (or other IDS / IPS tools)
  • Security Event Detection, Triage, Analysis, and Response, Investigative Process, Remediation Techniques, Documenting Findings, Log Analysis, Host-based Analysis
  • Experience with SIEM platforms, such as : Devo, Elastic, Splunk ES, QRadar, SumoLogic, Azure Sentinel, AlienVault, Exabeam
  • Understanding of the tactics, techniques, and procedures (TTPs) used by threat actors against endpoints
  • Demonstrate in-depth understanding of operating system (OS) internals, the mechanics of OS exploits, and methods for preventing and / or detecting OS exploits
  • Maintain an operational knowledge of the latest Mac, Windows and Linux OS server and desktop features, best practices, and system / application configurations

Certificates, License & Registrations

  • Cyber Certifications such as : CISSP, CEH, SSCP
  • Crowdstrike Falcon Administrator (CCFA), Cloud Specialist (CCCS), Identity Specialist (CCIS)
  • AWS Security, Architect, Practitioner
  • Azure Security Engineer, Fundamentals, Architect

Competencies (Skills & Abilities)

  • Excellent communication skills
  • Ability to build consensus and cooperation as well as to influence, interact and negotiate with senior leadership in the organization
  • Experience leading complex technical projects, meeting target timelines, facilitating project meetings, authoring project documentation, and negotiating issue resolution
  • Demonstrable ability to self-direct project outcomes, with minimal supervision to achieve program goals
  • Experience communicating and presenting effectively with diverse levels of the organization including managers, users, and technical teams, with ability to explain security topics to a business audience
  • Results-oriented and self-motivated team member who enjoys working in a dynamic environment, with a proven ability to take ownership of projects and deliver them on time and within budget.
  • Strong interpersonal skills with the ability to collaborate effectively with cross-functional teams
  • Time management skills with the ability to prioritize, triage, resolve and escalate in an efficient and effective manner
  • Ability to navigate and work effectively across a complex, geographically dispersed organization

Salary may vary depending on factors such as confirmed job-related skills, experience, and location.

However, the pay range for this position is as follows.

$78,600.00 - $146,000.00

23 days ago