Application Engineer 4 (EDR)

About The Position

Requirements

• TS/SCI with a Polygraph
• Twelve (12) years minimum experience and a High School Diploma/GED.
• Ten (10) years minimum experience and an Associate's Degree.
• Eight (8) years minimum experience and a Bachelor's Degree.
• Six (6) years minimum experience and a Master's Degree.
• Four (4) years minimum experience and a Doctorate's Degree.
• Proficient in one or more EDR platforms (Trellix HX/EDRF or Microsoft Defender for Endpoint EDR, preferably both).
• Experience with cloud security and familiarity with cloud service providers (AWS or Azure, preferably both).
• Experience securing cloud-hosted workloads using EDR solutions and understanding cloud-native security controls and logging (Microsoft Sentinel, Microsoft Defender, Microsoft Purview, AWS CoudWatch, AWS CloudTrail, AWS GuardDuty, or AWS Security Hub).
• CCSP Certified Cloud Security Professional certification or equivalent.
• Experience supporting SOC functions such as assisting in monitoring, training analysts, documenting SOPs, incident response coordination, analysis of security events, and process/procedure improvement.
• Microsoft Certified: Security Operations Analyst Associate (SOAA) or equivalent.
• Understanding of network protocols, traffic analysis, and intrusion detection systems.
• CompTIA Security+ is required
• In-depth knowledge of Windows operation system internals, registry, and file system.
• Familiarity with forensic tools like EnCase, FTK, or open-source alternatives.
• SANS Windows Forensic Analysis (FOR500) or equivalent.

Nice To Haves

• Proactive identification and investigation of potential security threats and anomalies.
• Experience in managing and responding to security incidents, including containment, eradication, and recovery.
• Familiarity with SIEM systems for log analysis and correlation (e.g. Splunk, Elastic, Microsoft Sentinel).
• Proficient in scripting languages (e.g., PowerShell, Python) for automating tasks and workflows.
• Certified Information Systems Security Professional (CISSP)
• Microsoft 365 Certified: Endpoint Administrator Associate (MD-102)

Responsibilities

• Responsible to the deployment, testing, management, and optimization of endpoint detection and response solutions.
• This role involves deploying, configuring, testing, and monitoring EDR capabilities to traditional on premises and cloud environments.
• Establish comprehensive Standard Operating Procedures (SOPs) for EDR functionalities and lead training sessions to empower SOC analysts in maximizing platform efficiency and threat visibility.

Benefits

• Competitive health, dental, and vision plans with 100% paid premiums.
• 401k: We contribute 6% even if you don't!
• Time Off: 11 standard holidays, and 25 days of PTO
• Career Development: Get career counseling and individualized career development plans, including education and training.
• Employee referral bonuses for successful hires