Base One Technologies
Endpoint Security Engineer with Security Clearance
Base One Technologies, Arlington, Virginia, United States, 22201
Primary Responsibilities:
• Lead, manage, and understand the entire endpoint security lifecycle: obtain visibility, minimize the attack surface, prevent and detect threats, investigate and respond, and remediate
• Deploy, configure, operate, monitor, tune, upgrade, and troubleshoot endpoint security tools
• Collaborate with, guide, and assist engineering with the deployment and centralization of approved endpoint security solutions across multiple FISMA systems
• Use approved tools to scan for, identify, contain, mitigate, and remediate vulnerabilities and intrusions
• Coordinate with engineering to develop and implement plans to apply patches, hot fixes, and other critical updates as needed
• Build queries, dashboards, and reports for enterprise and leadership awareness
• Work with technical support staff to troubleshoot endpoint tool issues and outages
• Develop and maintain policies and tasks for all related endpoint products
• Develop Standard Operating Procedures (SOPs) for the operation and maintenance of endpoint security tools
• Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards
• Research, evaluate, and recommend new security tools, techniques, and technologies, and introduce them to the enterprise in alignment with the IT security strategy

Basic Qualifications:
• BS degree in Science, Technology, Engineering, Math, or a related field and 4+ years of prior relevant experience with a focus on cybersecurity. Additional experience may be considered in lieu of a degree.
• Strong foundational security knowledge, specifically in large and complex organizations
• Prior experience deploying and managing advanced endpoint security solutions: Endpoint Protection Platform (EPP) and Endpoint Detection and Response (EDR), e.g. McAfee MVISION, CrowdStrike, Carbon Black, Microsoft Defender, Sophos, SentinelOne
• Prior experience implementing and maintaining CyberArk
• Understanding of the current security threat landscape and attack techniques on endpoints
• At least one of the following certifications:
  • SANS: GCIA, GCIH, GCFA, GCFE, GREM, GISF, GXPN, GWEB, GNFA, GMON
  • Offensive Security: OSCP, OSCE, OSWP, OSEE
  • ISC2: CCFP, CISSP
  • EC-Council: CEH, CHFI, LPT, ECSA, ECIH
• A desire to learn, combined with a collaborative work style and a strong personal work ethic
• Strong communication and presentation skills, both verbal and written
• Department of Homeland Security (DHS) Entry on Duty (EOD) is required to support this program

Required Education/Experience:
BS degree in Science, Technology, Engineering, Math, or a related field and 10–12 years of prior relevant experience with a focus on cybersecurity, OR a Master's degree with 8–10 years of prior relevant experience.

Required Certifications:
• CCIE Security
• Cisco Certified Network Professional (CCNP)
• CCNP Security
• CCSP – Certified Cloud Security Professional
• CEH – Certified Ethical Hacker
• Certified Data Administrator Professional
• Certified Implementation Engineer Specialist
• Splunk Certified Architect
• Certified Storage Associate
• CISSP – Certified Information Systems Security Professional
• CompTIA Advanced Security Practitioner (CASP)
• Converged Infrastructure Specialist
• CSSLP – Certified Secure Software Lifecycle Professional
• ECSP – EC-Council Certified Secure Programmer
• GCIH – Incident Handler
• GCWN – Windows Security Administrator
• GICSP – Global Industrial Cyber Security Professional
• GISF – Security Fundamentals
• GISP – Security Professional
• GSSP – Secure Software Programmer
• MCSE – Microsoft Certified Solutions Expert (Server)
• RHCA
• RHCE
• SEI (Software Engineering Institute)
• SSCP – Systems Security Certified Practitioner
• VCA (Certified Associate)
• VCAP (Certified Advanced Professional)
• VCDX (Certified Design Expert)
• VCIX (Implementation Expert)
• VCP (Certified Professional)

Preferred Qualifications:
• Certifications in relevant security products would be beneficial (e.g., Tanium Certified Operator / Administrator, CrowdStrike Certified Falcon Administrator / Responder / Hunter)
• Direct support of SOC analysts and/or experience working in a SOC is a plus
• Familiarity with frameworks such as MITRE ATT&CK is a plus
• Knowledge and understanding of how to create and implement custom signatures to detect attack behaviors and patterns, e.g. Indicators of Attack (IOA) detection rules
• Experience triaging and investigating hosts through EDR and EPP solutions
#J-18808-Ljbffr