Endpoint Security Lead - CrowdStrike

AIG Insurance-posted 5 days ago
$126,000 - $171,000/Yr
Full-time • Mid Level
Onsite • Reston, VA
5,001-10,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology (IT) team equips our colleagues with the latest tools to complete their work efficiently, with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks, while designing technology strategies that enable AIG’s businesses to achieve their goals. Innovation in IT drives innovation across the organization How you will create an impact The CrowdStrike Endpoint Security Lead will be part of AIG's Enterprise Information Security Organization, responsible for overseeing the deployment, configuration, administration, and ongoing optimization of the CrowdStrike Falcon platform across the enterprise. This role ensures the organization’s endpoints remain protected against advanced threats by leveraging CrowdStrike’s full suite of capabilities, including NGAV, EDR, Identity Protection, Exposure management, CrowdStrike Mobile, and threat hunting. The ideal candidate has hands-on expertise with endpoint security technologies, strong analytical skills, and proven experience leading enterprise-scale security initiatives. The candidate must have extensive experience securing enterprise-level Cloud services, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) across multiple cloud providers, including AWS, and Microsoft Azure (Azure). The individual in this position will lead as subject matter expert (SME) working in a team of Engineers and interacts closely with other IT groups like Security Architecture, Infrastructure Build and Operations teams, and GCDC SOC analysts for research and remediation of Security vulnerabilities, controls, and settings.

  • Platform Ownership & Administration Serve as the primary administrator and SME for the CrowdStrike Falcon platform.
  • Manage endpoint agent deployment, policy configurations, sensor health, and reporting.
  • Work with stakeholders to Test, maintain, and enforce security prevention policies and procedures of CrowdStrike Falcon Platform.
  • Lead endpoint protection posture improvements, including policy tuning and prevention rule updates.
  • Ensure sensor coverage and compliance across workstations, servers, and cloud workloads.
  • Threat Detection & Response Monitor and triage CrowdStrike alerts, detections, and dashboards.
  • Work with SOC and Incident Response teams to investigate and remediate endpoint threats.
  • Leverage Falcon Insight and Real Time Response to contain, isolate, and eradicate threats.
  • Perform post-incident analysis and implement preventative measures.
  • Identity Protection Manage CrowdStrike Identity Protection/ITDR modules and integrations.
  • Support MFA, conditional access, and endpoint identity controls.
  • Integration & Engineering Integrate CrowdStrike with SIEM, SOAR, vulnerability management tools, and other security platforms.
  • Lead CrowdStrike version upgrades, module rollouts, and configuration changes.
  • Develop automation and workflows using APIs, scripts, and reporting tools.
  • Governance, Reporting & Compliance Produce executive-level and operational security reports – including monthly true-up process indicating CrowdStrike coverage globally.
  • Ensure endpoint security posture aligns with frameworks (NIST, CIS, ISO, etc.).
  • Support internal/external audits and regulatory compliance requirements.
  • Team Leadership & Collaboration Provide technical directions to junior security analysts and engineers.
  • Work closely with IT, Infrastructure, and Desktop teams on deployment strategy.
  • Liaise with CrowdStrike support, TAMs, and product teams when necessary.
  • Bachelor’s degree in computer science or other technical disciplines or equivalent relevant experience.
  • 10+ years in an IT Security Engineering or Operations role with a focus on Endpoint Security Management tools.
  • Expert level knowledge in CrowdStrike Falcon Platform.
  • CrowdStrike DLP Next Generation SEIM Exposure management Fusion SOAR Investigate LogScale Host setup and management API Configuration Identity Protection
  • Intermediate level knowledge is highly desired for below platforms: Tanium Microsoft Defender DLP for Endpoint Lookout for Mobile Azure WVD / Citrix Ansible
  • Knowledge of cyber security practices, challenges, tools and techniques
  • Recent and relevant experience in vulnerability analysis and exploitation techniques.
  • Troubleshoot issues within the product when necessary, assisting different teams, crash dumps, performance monitor and release blockers.
  • In depth knowledge of Critical Security Controls like NIST, CIS Benchmarks, DISA STIG standards etc.
  • Familiarity with International Security standards and Industry framework like ISO 27001/27002, PCI DSS and SOX.
  • In depth knowledge and expertise with Infrastructure hardening and Security settings for Windows and Linux.
  • Intermediate to Expert level knowledge on Windows & Active Directory, Unix/Linux Operating Systems.
  • Good scripting knowledge using PowerShell, Python, Linux shell is desired.
  • Basic knowledge of Cloud computing, Virtualization concepts and PaaS/SaaS services.
  • Strong knowledge of TCP/IP and HTTP protocols.
  • Be an energetic “self-starter” who is empowered to take ownership and be accountable for deliverables, both individually and as part of a growing team.
  • Team player – able to lead, mentor, communicate, collaborate, and work effectively in a globally distributed team.
  • CrowdStrike Certifications (CCFA, CCFR, CCES, CCRA).
  • Experience with CrowdStrike Identity Protection, Falcon Discover, or Mobile.
  • Background in large-scale enterprise deployments (50,000+ endpoints).
  • Cloud security experience (Azure, AWS, GCP endpoint workloads).
  • Experience with MDR or Falcon Complete programs.
  • CISSP or other Security certification.
  • Microsoft Azure or Linux Certifications.
  • AWS Certifications.
  • In addition, we’re proud to offer a range of competitive benefits, a summary of which can be viewed here: US Benefits Overview .
  • At AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service