EDR Engineer I

Foresite, Overland Park, KS

About The Position

Foresite is looking for an EDR Engineer I to join our Managed Services team and act as the frontline defender for our customers with managed EDR services. Your primary focus is the health, maintenance, tuning, and proactive monitoring of Endpoint Detection and Response (EDR) platforms. You will act as a point of escalation for EDR-related cases across industry-leading tools, ensuring that every managed environment is protected, healthy, and up-to-date. In this role, you’ll take ownership of multi-console alert triage, agent health monitoring, and policy configuration. You will be responsible for maintaining a high-quality security posture across dozens of unique client networks while ensuring all endpoints follow strict behavioral detection baselines and organizational security policies.

Requirements

  • 1+ years in a SOC, Systems Administration, or Cybersecurity role.
  • Strong foundational knowledge of Windows operating systems and basic troubleshooting.
  • Hands-on experience investigating alerts within an EDR solution and an understanding of how modern sensors collect telemetry.
  • A strong ability to analyze security alerts and logs to identify patterns, anomalies, and potential indicators of compromise (IoCs).
  • Ability to interpret vendor documentation to troubleshoot agent issues and software conflicts with business-critical applications.
  • Excellent technical communication skills with a "customer-first" mindset.

Nice To Haves

  • Experience with Google SecOps (Chronicle), SIEM solutions, or RMM tools.
  • Foundational security certs (e.g., CompTIA Security+, SC-200, or vendor-specific EDR certs).
  • Scripting/automation (PowerShell, Python, Bash) and experience with macOS or Linux devices.
  • Threat hunting, identity management, phishing remediation, or EDR deployment/onboarding.

Responsibilities

  • Act as an escalation point for the analyst team on EDR-related cases across technologies including CrowdStrike, SentinelOne, Microsoft Defender, Cortex XDR, Cisco Secure Endpoint, and Carbon Black.
  • Analyze security incidents, logs, and process trees to distinguish between legitimate activity and potential threats.
  • Gather forensic data (process IDs, file hashes, IP addresses) and escalate high-priority incidents to the Tier 3 Engineering team.
  • Conduct weekly console checkups to identify "silent" agents, offline hosts, or installation failures to ensure 100% fleet health.
  • Assist senior engineers in fine-tuning security policies and configuring exclusions/whitelists to resolve software conflicts without compromising security.
  • Troubleshoot broken sensors and coordinate directly with client IT contacts for re-installations and remediation.
  • Efficiently sort through low-severity alerts to close or escalate, keeping customer environments organized and actionable.
  • Manage incoming EDR-related support tickets, providing rapid response and clear technical communication to both internal teams and non-technical stakeholders.
  • Pull weekly fleet health reports to demonstrate security posture and protection levels to our clients.
  • Stay current with the MITRE ATT&CK framework and participate in knowledge sharing to improve detection engineering and response workflows.
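The weekly console checkup and fleet health report described above reduce to the same triage logic whichever console exports the inventory: flag agents that are still listed as online but have not checked in, hosts the console marks offline, and sensors that never installed. The script below is an added illustration, not Foresite tooling or any vendor's API. It assumes a generic CSV export with columns hostname, last_seen, sensor_version and status (real console exports use vendor-specific column names), a seven-day "silent" threshold, and the constructed sample rows embedded in it.

```python
"""Flag unhealthy EDR agents from an exported fleet inventory.

Added example; not Foresite's tooling and not any vendor's API.
Assumes a CSV export with columns hostname, last_seen, sensor_version,
status; real console exports use vendor-specific column names.
"""
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample export: not taken from any real console.
SAMPLE_EXPORT = """hostname,last_seen,sensor_version,status
ws-001,2024-06-10T14:02:00Z,7.12.0,online
ws-002,2024-06-01T09:15:00Z,7.12.0,online
srv-db-01,2024-06-10T13:50:00Z,,install_failed
ws-003,2024-06-09T22:30:00Z,7.11.3,offline
ws-004,2024-05-20T08:00:00Z,7.10.0,online
"""

# Assumed threshold; tune per customer SLA. A host that the console still
# lists as online but that has not checked in for this long is "silent":
# the sensor may be stopped, uninstalled, or blocked by a network change.
SILENT_AFTER = timedelta(days=7)

# Fixed "now" so the sample run is reproducible.
SAMPLE_NOW = datetime(2024, 6, 10, 15, 0, tzinfo=timezone.utc)


def parse_export(text):
    """Parse the CSV export and convert last_seen to an aware UTC datetime."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        seen = datetime.strptime(row["last_seen"], "%Y-%m-%dT%H:%M:%SZ")
        row["last_seen"] = seen.replace(tzinfo=timezone.utc)
        rows.append(row)
    return rows


def classify(rows, now, silent_after=SILENT_AFTER):
    """Return {hostname: [findings]}; healthy hosts get no entry."""
    findings = {}
    for r in rows:
        issues = []
        # Missing sensor version or an explicit failure status: install failed.
        if r["status"] == "install_failed" or not r["sensor_version"]:
            issues.append("install_failed")
        # Console knows the host is down; follow up with the client IT contact.
        if r["status"] == "offline":
            issues.append("offline")
        # Console thinks the host is fine, but telemetry has stopped.
        if r["status"] == "online" and now - r["last_seen"] > silent_after:
            issues.append("silent")
        if issues:
            findings[r["hostname"]] = issues
    return findings


def fleet_health(rows, findings):
    """Percentage of hosts with no findings, for the weekly health report."""
    if not rows:
        return 0.0
    healthy = len(rows) - len(findings)
    return round(100.0 * healthy / len(rows), 1)


def run_sample():
    """Run the checkup over the constructed export; returns (findings, health%)."""
    rows = parse_export(SAMPLE_EXPORT)
    findings = classify(rows, SAMPLE_NOW)
    return findings, fleet_health(rows, findings)


if __name__ == "__main__":
    findings, health = run_sample()
    for host, issues in sorted(findings.items()):
        print(f"{host}: {', '.join(issues)}")
    print(f"fleet health: {health}%")
```

Against the sample rows, ws-001 is the only healthy host: ws-002 and ws-004 are silent, srv-db-01 failed to install, and ws-003 is offline. Treating "online but silent" as a separate class matters in practice, because the console's own online/offline flag will not surface a sensor that stopped reporting while the host kept running.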

Benefits

  • Robust medical insurance options to keep you and your family healthy.
  • Employer-paid Dental coverage
  • Employer-paid Short-Term (STD) and Long-Term Disability (LTD).
  • 3 weeks of paid vacation, plus additional sick leave and paid company holidays to ensure you have time to recharge.
  • Access to world-class training and mentorship.
  • Support your career trajectory, whether you’re looking to deepen your technical skills or move into leadership.
  • Help protect global clients using the latest AI-enhanced security tools and GCP native technologies.

What This Job Offers

Job Type

Full-time

Career Level

Entry Level

Education Level

No Education Listed

Number of Employees

11-50 employees
