Endpoint Security Engineer Lead

Tetrad Digital Integrity LLC
Arlington, VA
Hybrid

About The Position

Tetrad Digital Integrity (TDI) is a cybersecurity firm built for high-consequence environments where mission, complexity, and trust intersect. Our single focus for 25 years has been delivering cyber solutions that effectively manage risk and the business of cyber. TDI is looking for a Lead Endpoint Security Engineer for a customer on a highly visible and strategic Cybersecurity Task Order. The Security Engineer will need to be a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment, and the ability to coordinate multiple concurrent tasks effectively. The engineer will collaborate with internal teams to ensure systems are secure, scalable, and reliable, while supporting the design, development, and integration of cybersecurity tools and architectures across enterprise environments. This position is hybrid and requires commuting to the Arlington, VA area.

Requirements

  • Ability to obtain Public Trust clearance and successfully complete the EOD process
  • Bachelor's degree in Science, Technology, Engineering or related field and 12-15 years of prior relevant experience with a focus on cybersecurity or Master's with 10 years of prior relevant experience
  • Experience leading cross-functional security initiatives and managing small teams or projects
  • Extensive hands-on experience with the CrowdStrike Falcon platform, including multiple modules (e.g., EDR, FIM, Identity Protection, Data Protection)
  • Expertise in endpoint security concepts and incident response processes
  • Proficiency in scripting languages like Python, PowerShell, or Bash for automation and custom response actions
  • Strong knowledge of security frameworks like NIST or MITRE ATT&CK
  • Experience with SIEM integrations and threat analysis
  • Solid understanding of operating systems (Windows, Linux, macOS)

Nice To Haves

  • Experience automating management tasks with Ansible, Puppet, or Chef
  • Experience working with SIEM tools such as Splunk to ingest, normalize, store, and maintain data from endpoint, network, and application sourcetypes
  • Experience working in AWS and Azure
  • Experience with Wiz, Sepio, TVM and Nucleus is a plus

Responsibilities

  • Serve as the primary technical authority for CrowdStrike, guiding best practices while overseeing deployment and maintenance of agents to ensure full endpoint coverage
  • Lead and support incident detection, investigation, and response using CrowdStrike, including threat hunting and malware analysis in collaboration with the SOC
  • Deploy, configure, and manage CrowdStrike Falcon EDR across enterprise environments, ensuring effective coverage, policy enforcement, and threat response
  • Integrate CrowdStrike with enterprise security tools (e.g., SIEM/SOAR) and develop automation using Python, PowerShell, or shell scripting to enhance security operations
  • Optimize EDR performance by refining detection logic, improving data quality, and developing automated workflows and playbooks
  • Ensure endpoint security architecture aligns with enterprise objectives, regulatory requirements, and compliance standards through periodic reviews and enhancements
  • Maintain system health through backend administration, monitoring, and log management, including scripting for operational efficiency
  • Develop and maintain documentation, SOPs, and knowledge base articles to support consistent security operations
  • Produce detailed reports on incidents, root cause analysis, and technical assessments to drive continuous improvement