Endpoint Protection Security Engineer
Designing, implementing, maintaining, and troubleshooting endpoint security solutions
IDS/IPS engineering: installation, configuration, and tuning of IDS/IPS signatures; creating and amending policies
SIEM: monitor events and trends using Kibana
Provide support for internal and external customers in a large enterprise environment
Troubleshoot a range of IT security and connectivity issues
Support other team members in troubleshooting and project efforts
Manage hardware and software inventories
Work with remote teams to install, maintain and troubleshoot security hardware
Ensure customers receive top of the line support in a polite and courteous manner
Keep detailed records of customer interaction and problem resolution in a ticketing system
Develop standard operating procedure and network topology documentation
Provide on-call and after-hours support as required.
Administer applications running on Linux and UNIX systems in virtualized and cloud environments
The successful candidate will have a proven track record of designing and advancing endpoint security implementations for medium to large enterprise networks. This means you will be able to demonstrate experience advancing an individual tool, which could include cross-tool integration or specific policy fine-tuning. We need someone who can think outside the box and do more than just keep the endpoint security tools running. You must have experience interpreting events generated by endpoint agents and understanding what they mean.
If you’re the successful candidate you will have the opportunity to work on both operational and project-based assignments. So if you’re a go-getter who’s passionate about security and wants to work with a team that is developing and managing leading solutions, this may be the perfect opportunity for you!
We are currently looking for an Endpoint Protection Security Engineer who has:
5+ years’ experience with endpoint protection systems. The successful candidate will have proven experience with the configuration and administration of Carbon Black Protection (Bit9) / FireEye HX or Cylance Protect (AV). The candidate must be able to explain how they have implemented and advanced these tools within an organization. This is not just an operations position; the successful candidate will be responsible for making improvements.
3+ years’ experience with Splunk (Preferred). The successful candidate will bring experience installing, administering, and operating Splunk for security use cases. This will include the centralization of security event data from security tools, agents, and devices. The successful candidate will have built Splunk dashboards and will have configured alerting.
3 to 5+ years’ experience with systems administration. The successful candidate must have experience with Windows and Linux/UNIX server operating systems administration. You must have strong command-line experience with Linux or UNIX, including OS installation and configuration, security hardening, patching and package upgrades, and must have in-depth experience with IDS tools like Security Onion, Snort, and OSSEC.
MUST BE CLEARABLE - US CITIZEN OR GREEN CARD HOLDER TO OBTAIN AND MAINTAIN A CLEARANCE
This position can be based 100% remote anywhere in the United States; however, a preference is given to candidates who can work full time on-site in Washington DC. All candidates must have US work authorization with the ability to pass Federal background and credit checks.