Applications Engineer IV (EDR)

About The Position

Requirements

• Must have a current TS/SCI Polygraph clearance to apply for role. Only those with a current TS/SCI with Poly clearance will be considered.
• Proficient in one or more EDR platforms (Trellix HX/EDRF or Microsoft Defender for Endpoint EDR, preferably both).
• Experience with cloud security and familiarity with cloud service providers (AWS or Azure, preferably both).
• Experience securing cloud-hosted workloads using EDR solutions and understanding cloud-native security controls and logging (Microsoft Sentinel, Microsoft Defender, Microsoft Purview, AWS CoudWatch, AWS CloudTrail, AWS GuardDuty, or AWS Security Hub).
• CCSP Certified Cloud Security Professional certification or equivalent.
• Microsoft Certified: Security Operations Analyst Associate (SOAA) or equivalent.
• Understanding of network protocols, traffic analysis, and intrusion detection systems (CompTIA Security+ is required).
• In-depth knowledge of Windows operation system internals, registry, and file system.
• Familiarity with forensic tools like EnCase, FTK, or open-source alternatives.
• SANS Windows Forensic Analysis (FOR500) or equivalent.

Nice To Haves

• Proactive identification and investigation of potential security threats and anomalies.
• Experience in managing and responding to security incidents, including containment, eradication, and recovery.
• Familiarity with SIEM systems for log analysis and correlation (e.g. Splunk, Elastic, Microsoft Sentinel).
• Proficient in scripting languages (e.g., PowerShell, Python) for automating tasks and workflows.
• Certified Information Systems Security Professional (CISSP)
• Microsoft 365 Certified: Endpoint Administrator Associate (MD-102)

Responsibilities

• Deploy, configure, test, manage, and optimize endpoint detection and response solutions across the NSA enterprise.
• Establish comprehensive Standard Operating Procedures (SOPs) for EDR functionalities and lead training sessions to empower SOC analysts in maximizing platform efficiency and threat visibility.
• Responsible to the deployment, testing, management, and optimization of endpoint detection and response solutions.
• This role involves deploying, configuring, testing, and monitoring EDR capabilities to traditional on premises and cloud environments.
• Supporting SOC functions such as assisting in monitoring, training analysts, documenting SOPs, incident response coordination, analysis of security events, and process/procedure improvement.

Benefits

• Medical/Dental/Vision (100% Employer Paid Medical Plan)
• Short/Long Term Disability (Employer Paid)
• Life Insurance (Employer Paid)
• Yearly $5,000 towards education/training/certification.
• Employees are in control of their career path through our Career Pathway Program.
• Employer paid Company Vacation Package for you and a guest!
• Quevera will match up to 6% towards your 401K and an additional 4% profit sharing!