Lead, manage, and understand the entire endpoint security lifecycle: obtain visibility, minimize the attack surface, prevent and detect threats, investigate and respond, and remediate
The following covers what this opportunity entails and what is expected of applicants.
Deploy, configure, operate, monitor, tune, upgrade, and troubleshoot endpoint security tools
Collaborate, guide, and assist engineering with the deployment and centralization of approved endpoint security solutions across multiple FISMA systems
Utilize approved tools to scan, identify, contain, mitigate, and remediate vulnerabilities and intrusions
Coordinate with engineering to develop and implement plans to apply patches, hot fixes, and critical updates as needed
Build queries, dashboards, and reports for enterprise and leadership awareness
Work with technical support staff to troubleshoot endpoint tool issues and outages
Develop and maintain policies and tasks for all related endpoint products
Develop Standard Operating Procedures (SOPs) for the operation and maintenance of endpoint security tools
Perform analyses to validate established security requirements and recommend additional security requirements and safeguards
Research, evaluate, and recommend new security tools, techniques, and technologies, and introduce them to the enterprise in alignment with the IT security strategy
Basic Qualifications
BS degree in Science, Technology, Engineering, Math, or related field and 4+ years of prior relevant experience with a focus on cybersecurity.
Additional experience may be considered in lieu of a degree
Strong foundational security knowledge, specifically in large and complex organizations
Prior experience deploying and managing advanced endpoint security solutions: Endpoint Protection Platform (EPP) and Endpoint Detection and Response (EDR) (e.g., McAfee MVISION, CrowdStrike, CarbonBlack, Microsoft Defender, Sophos, SentinelOne)
Prior experience implementing and maintaining CyberArk
Understanding of the current security threat landscape and attack techniques on endpoints
At least one of the following certifications: EC-Council CEH, CHFI, LPT, ECSA, ECIH
A desire to learn, combined with a collaborative work style and strong personal work ethic
Strong communication and presentation skills, both verbal and written
Department of Homeland Security (DHS) Entry on Duty (EOD) is required to support this program
Required Education / Experience
BS degree in Science, Technology, Engineering, Math, or related field and 10-12 years of prior relevant experience with a focus on cybersecurity, OR a Master's degree with 8-10 years of prior relevant experience
Required Certifications
CCIE Security
Cisco Certified Network Professional (CCNP)
CCNP Security
CCSP Certified Cloud Security Professional
CEH Certified Ethical Hacker
Certified Data Administrator Professional
Splunk Certified Architect
Certified Storage Associate
CISSP Certified Information Systems Security Professional
CompTIA Advanced Security Practitioner (CASP)
Converged Infrastructure Specialist
CSSLP Certified Secure Software Lifecycle Professional
ECSP EC-Council Certified Secure Programmer
GCWN Windows Security Administrator
GICSP Cyber Security Professional
GISF Security Fundamentals
GISP Security Professional
GSSP Secure Software Programmer
MCSE Microsoft Certified Solutions Expert (Server)
RHCA
RHCE
SEI (Software Engineering Institute)
SSCP Systems Security Certified Practitioner
VCA (Certified Associate)
VCAP (Certified Advanced Professional)
VCDX (Certified Design Expert)
VCIX (Implementation Expert)
VCP (Certified Professional)
Preferred Qualifications
Certifications in relevant security products would be beneficial (e.g., Tanium Certified Operator / Administrator, CrowdStrike Certified Falcon Administrator / Responder / Hunter)
Direct support of SOC analysts and/or experience working in a SOC is a plus
Familiarity with frameworks such as MITRE ATT&CK is a plus
Knowledge and understanding of how to create and implement custom signatures to detect attack behaviors and patterns (e.g., Indicators of Attack (IOAs) detection rules)
Experience with triaging and investigating hosts through EDR and EPP solutions