ITmPowered, LLC

Crowdstrike EDR Deployment SME - IoT Med Devices

ITmPowered, LLC, Seattle, Washington, US, 98127


Crowdstrike Endpoint Detection and Response (EDR) Deployment Consultant - Med Devices

The Crowdstrike Endpoint Detection and Response (EDR) deployment consultant will help design, configure, optimize, deploy, and validate Crowdstrike EDR agents to roughly 10,000 hospital medical devices and facilities IoT endpoints. Be on the frontlines of Technology Risk in the emerging area of Medical Device Cybersecurity! A large national hospital network can have over 350,000 connected medical devices. Many of these interconnected devices (hospital imaging equipment, patient monitoring, IV pumps, blood spinners) and connected hospital facilities devices (elevators, door locks, ID card readers) are exposed publicly and vulnerable to cyber-attack. To help protect this large endpoint network, our client is deploying Crowdstrike Endpoint Detection and Response (EDR) agents to 10,000+ IoT and Medical Device endpoints.

Responsibilities:

- Use Excel to analyze and synthesize IoT / Med device data from scans, asset inventories, CMMS, network addresses, etc. into sensor-capable endpoint groupings.
- Validate with device owners that devices are sensor capable - OS, memory, comms, FDA regulated, vendor managed.
- Coordinate with device owners to install and test Crowdstrike to ensure no impacts to device purpose.
- Deploy Crowdstrike Falcon Endpoint Detection and Response (EDR) detection agent to up to 10K devices.
- Reduce risk by ensuring coverage of malware detection for in-scope Crowdstrike EDR Agent capable devices.
- Migrate existing devices from alert-only mode to blocking mode.
- Crowdstrike EDR Agent deployment, configuration, integration, and troubleshooting.
- Optimize and tune Crowdstrike sensors for IoT / Med Device scenarios.
- Provide EDR escalation support for agents already installed - remove conflicts, performance tune sensors.
- Assist with prestaging and executing managed security device changes such as Crowdstrike Falcon EDR configuration changes and endpoint agent updates.
- Document Crowdstrike EDR Agent configurations, detection use cases, and response solutions.
- Optimization of EDR solution, including refinement of data produced, development of automated workflows or playbooks, and integration of the EDR data with Enterprise solutions, including SIEM, ITSM, and TIP solutions.
- May assist with potential support for Tanium or Power agent installation.
- Communications - Use MS Teams for daily team interaction and meetings. Provide weekly status to team and executives in many departments on progress, plans, priorities, roadblocks, risks, decisions, and solutions.

You Have:

- Experience with enterprise Crowdstrike EDR deployments (30,000 - 500,000 endpoints).
- 3+ years of experience with EDR deployment, configuration, maintenance, and supporting enterprise EDR solutions, including CrowdStrike Falcon, Carbon Black EDR, SentinelOne, FireEye HX, McAfee MVision, Microsoft Defender for Endpoint (MDE), Tanium, or Elastic Endpoint Protection deployments.
- 3+ years of experience performing Crowdstrike EDR systems administration, including basic troubleshooting and installation, monitoring system performance or availability, performing security upgrades, and optimizing solution configurations to meet the needs of operational users.
- 2+ years of experience working in a Security Operations Center (SOC) environment, leveraging EDR tools to support incident response, vulnerability scanning, threat hunting, network monitoring and log management, and compliance management activities.
- Experience with optimization of EDR solutions, including refinement of data produced, development of automated workflows or playbooks, integration of EDR data with Enterprise solutions (SIEM, ITSM, TIP).
- Ability to provide content on deliverables, including written reports and technical documents, SOPs and configuration guides, and training and briefing materials.
- CrowdStrike Certified Falcon Administrator certification preferred.
- Experience with MS Excel for Endpoint Security Data analysis, synthesis, and reporting.
- Experience with Office/M365, MS Teams, PowerPoint.
- Bachelor's degree.

LOGISTICS:

- Work remotely anywhere in Domestic US. Must be willing to work 8-5 Pacific time M-F.
- Contract role through end of the year with potential for extension and/or conversion to perm.
- COVID-19 Vaccine and Booster Required - OR must provide valid medical exemption from doctor in advance.
- Must be able to successfully pass a 12-panel drug screen, 10-year background check, employment verification.
- You will need to be a current US Citizen or valid Green Card holder. No need for a visa now or in future. This role is not able to offer visa transfer or sponsorship now or in the future.
- W2 only - No sub vendors. Sponsorship NOT available.
- Must have direct contact information on resume (phone / email) to be considered.