Sr. Endpoint Detection & Response (EDR) Tools Engineer

Sr. Endpoint Detection & Response (EDR) Tools Engineer

Location: Washington DC / Los Angeles / Seattle / NYC

Duration: Long-Term Contract

The Global Security Organization provides industry-leading security and privacy services, globally. Our organization uses four principles that guide our strategic and tactical operations. First, we champion trust and transparency, leading the charge in organizational transparency and execution of security and privacy capabilities that drive customer trust. Second, we are a business catalyst and enabler, embodying the DNA of technical innovation. Third, we drive risk informed and empowered decision making, giving our business leaders the information needed to make key decisions. Finally, we proactively identify and reduce risk while enabling innovative product development – to consistently build sustainable world-class security capabilities.

As an Endpoint Detection and Response (EDR) Tools Engineer, the candidate will be part of the Business Operations Protection team responsible for deploying, operating, and maintaining the global EDR platform. The candidate will provide support for EDR tools in the environment. The candidate must be able to communicate with the Security Operations and Incident Response teams to identify adjustments and modifications to be made to the EDR toolset. As in the most senior EDR tools engineer position, the candidate must be able to lead a team and by example to drive progress forward.

• Lead and oversee deployment, operation, and maintenance of the global EDR platform
• Provide support response to other security teams in respect to the EDR platform
• Identify adjustments and modifications for configuration
• Identify new opportunities for tools to incorporate into the EDR platform

The candidate must have expert technical skills in the deployment, operation, and maintenance of EDR tools. The candidate must also have the ability to communicate well, contribute to cross functional and individual contributor teams, participate in response and defensive actions over a variety of security disciplines, and disseminate technical information as appropriate in support of Client's critical business, go to market, and operational infrastructure needs. Education: Bachelor's degree in Cybersecurity or equivalent information security, privacy, risk, compliance, project management or like discipline from an accredited college or university or measurable knowledge / experience from proven industry, military, defense, or government operations. Minimum Qualifications:

• 6+ years of experience with performing systems administration, including basic troubleshooting and installation, monitoring system performance or availability, performing security upgrades, and optimizing solution configurations to meet the needs of operational users
• Experience in a cybersecurity role in a global enterprise
• Experience developing and executing work processes in a fast-paced technical environment
• Ability to lead by example in a high-functioning team
• Excellent analytical and problem-solving skills with attention to detail
• Experience with deployment of an EDR solution in a large customer environment, including 100k+ endpoints
• Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions
• Experience with providing status reports, including metrics and KPIs, for team activities
• Knowledge of network security architecture concepts including topology, protocols, components, and principles
• Knowledge of various enterprise operating system (OS) configurations and management tools for use during deployment, configuration, and management of EDR solutions
• Industry relevant certification(s) (CISSP, GSEC, CISA, Security+, Network+, etc.)
• Ability to travel up to 25% of the time

Preferred Qualifications:

• Excellent communication skills (verbal and written) along with teamwork collaboration per global and multi-functional teams and intelligence source groups
• Experience creating and disseminating reports in a technical environment
• Demonstrates excellent time management and prioritization
• Highly motivated to contribute and grow within a complex area of emerging importance in an enterprise environment
• 4+ years of experience working within a Security Operations Center (SOC) environment, including but not limited to incident response, vulnerability scanning, threat hunting, network monitoring/log management, and compliance management
• 3+ years of experience leading fast-paced technical teams
• Knowledge of enterprise security tools, including Security Information & Event Management (SIEM), Threat Intelligence Platforms (TIPs), and network monitoring tools
• Knowledge of executing incident response activities and seeing incidents through to successful remediation
• Ability to integrate cybersecurity data using enterprise or custom tools data aggregation and analysis tools, such as Splunk
• EDR vendor certifications

InterSources Inc, a Certified Diverse Corporation, was founded in 2007, to offer innovative solutions to help clients with Digital Transformations across various domains and industries. Our history spans over 14 years and today we are an Award-Winning Global Software Consultancy solving complex problems with technology. We recognize that our Employees, Vendor and our Clients are our strengths as the diverse talents and opportunities they bring to the table enable us to grow as a global platform and they are causally linked with our success. We provide strategic and technical advice, and we have expertise in areas covering Artificial Intelligence, Cloud Migration, Custom Software Development, Data Analytics Infrastructure & Cloud Solutions, Cyber Security Services, etc. We make reasonable accommodations for clients and employees and we do not discriminate based on any protected attribute including race, religion, color, national origin, gender sexual orientation, gender identity, age, marital status. We also are a Google Cloud partner company. We align strategy with execution and provide secure service solutions by developing and using the latest technologies that thrive our resources to deliver industry-leading capabilities to our clients and customers, making it convenient for our clients to do business with InterSources Inc. Our teams also drive growth by refining technology-driven client experiences that put the users first, providing an unparalleled experience. This results in strengthening the core technologies of clients, enabling them to scale with flexibility, create seamless digital experiences and build lifelong relationships.