Application Engineer 4 (EDR)

FLASH Technology Group, Ft. Meade, MD

About The Position

This role involves deploying, configuring, testing, and monitoring EDR capabilities to traditional on-premises and cloud environments. The ideal candidate should have a strong background in endpoint security, cloud applications, Windows forensics, large enterprise endpoint deployments, and SOC analyst support.

Requirements

  • Active TS/SCI with Polygraph required
  • BS in technical field + 15 years' experience OR High School + 20 years' experience
  • Must be a US citizen
  • Proficient in one or more EDR platforms (Trellix HX/EDRF or Microsoft Defender for Endpoint EDR, preferably both)
  • Experience with cloud security and familiarity with cloud service providers (AWS or Azure, preferably both).
  • Experience securing cloud-hosted workloads using EDR solutions and understanding cloud-native security controls and logging (Microsoft Sentinel, Microsoft Defender, Microsoft Purview, AWS CloudWatch, AWS CloudTrail, AWS GuardDuty, or AWS Security Hub).
  • CCSP Certified Cloud Security Professional certification or equivalent.
  • Understanding of network protocols, traffic analysis, and intrusion detection systems (CompTIA Security+ is required).
  • In-depth knowledge of Windows operating system internals, registry, and file system.
  • Familiarity with forensic tools like EnCase, FTK, or open-source alternatives.
  • SANS Windows Forensic Analysis (FOR500) or equivalent.

Nice To Haves

  • Threat Hunting: Proactive identification and investigation of potential security threats and anomalies.
  • Incident Response: Experience in managing and responding to security incidents, including containment, eradication, and recovery.
  • Security Information and Event Management (SIEM): Familiarity with SIEM systems for log analysis and correlation (e.g. Splunk, Elastic, Microsoft Sentinel).
  • Scripting and Automation: Proficient in scripting languages (e.g., PowerShell, Python) for automating tasks and workflows.
  • Certified Information Systems Security Professional (CISSP)
  • Microsoft 365 Certified: Endpoint Administrator Associate (MD-102)

Responsibilities

  • Deploy, configure, test, manage, and optimize endpoint detection and response solutions across the NSA enterprise.
  • Establish comprehensive Standard Operating Procedures (SOPs) for EDR functionalities.
  • Lead training sessions to empower SOC analysts in maximizing platform efficiency and threat visibility.
  • Deploying, configuring, testing, and monitoring EDR capabilities to traditional on-premises and cloud environments.
  • Supporting SOC functions such as assisting in monitoring, training analysts, documenting SOPs, incident response coordination, analysis of security events, and process/procedure improvement.

Benefits

  • 401(k) with 6% company match - VESTS IMMEDIATELY
  • Medical Insurance
  • Dental Insurance
  • Vision Insurance
  • Life and Disability Insurance
  • Complimentary Identity Theft Protection
  • Tuition Reimbursement
  • Paid Time Off
  • Referral bonuses
  • And more!