We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results

Lead Endpoint Security Engineer

Metronome, LLC
United States, Virginia, Arlington
Dec 11, 2024

Metronome LLC has an immediate need for an experienced Endpoint Security Engineer for a new customer on a highly-visible and strategic Cybersecurity Task Order. The Endpoint Security Engineer will be responsible for implementing and operationalizing host-based defensive capabilities using endpoint protection (EPP) and detection response (EDR) products, as well as other endpoint security tools/controls. The ideal candidate is a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment, and the ability to work within a team to stand up and mature the cybersecurity capabilities of our customer

Primary Responsibilities:

  • Lead, manage, and understand the entire endpoint security lifecycle: obtain visibility, minimize surface area of attack, prevent and detect threats, investigate and respond, and remediate
  • Deploying, configuring, operating, monitoring, tuning, upgrading, and troubleshooting endpoint security tools
  • Collaborate, guide, and assist engineering with the deployment and centralization of an approved endpoint security solutions across multiple FISMA systems
  • Utilize approved tools to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions
  • Coordinating with engineering to develop and implement plans to apply patches, hot fixes, and other critical updates as needed
  • Build queries, dashboards, and reports for enterprise and leadership awareness
  • Work with technical support staff to troubleshoot endpoint tool issues and outages
  • Develop and maintain policies and tasks for all related endpoint products
  • Develop Standard Operating Procedures (SOPs) for the operation and maintenance of endpoint security tools
  • Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards
  • Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy
  • BS degree in Science, Technology, Engineering, Math or related field and 8+ years of prior relevant experience with a focus on cybersecurity. Additional experience may be considered in lieu of a degree.
  • Strong foundational security knowledge, specifically in large and complex organizations
  • Prior experience deploying and managing advanced endpoint security solutions: Endpoint Protection (EPP) and Detection Response (EDR). I.E. (McAfee MVISION, CrowdStrike, CarbonBlack, Microsoft Defender, Sophos, SentinelOne)
  • Prior experience implementing and maintaining CyberArk.
  • Understanding of the current security threat landscape and attack techniques on endpoints.
  • At least one of the following certifications:
  • SANS GCIA, GCIH, GCFA, GCFE, GREM, GISF, GXPN, GWEB, GNFA, GMON, Offensive Security: OSCP, OSCE, OSWP, OSEE, ISC2: CCFP, CISSP, EC Council: CEH, CHFI, LPT, ECSA, ECIH
  • A desire to learn, combined with a collaborative work style and strong personal work ethic
  • Strong communication and presentation skills, both verbal and written.
  • Department of Homeland Security (DHS) Entry on Duty (EOD) is required to support this program
  • Certifications in relevant security products would be beneficial (e.g., Tanium Certified Operator / Administrator, CrowdStrike Certified Falcon Administrator / Responder / Hunter
  • Direct support of SOC analyst and/or experience working in a SOC a plus
  • Familiarity of frameworks like MITRE ATT&CK a plus.
  • Knowledge and understanding on how to create and implement custom signatures to detect attack behaviors and patterns. I.E. Indicators of Attack (IOAs) detection rules
  • Experience with triaging and investigating hosts through EDR and EPP solutions
Applied = 0

(web-86f5d9bb6b-jpgxp)