Metronome LLC

Lead Endpoint Security Engineer

Metronome LLC, Arlington, Virginia, United States, 22201


Metronome LLC has an immediate need for an experienced Endpoint Security Engineer for a new customer on a highly visible and strategic Cybersecurity Task Order. The Endpoint Security Engineer will be responsible for implementing and operationalizing host-based defensive capabilities using endpoint protection (EPP) and endpoint detection and response (EDR) products, as well as other endpoint security tools and controls. The ideal candidate is a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment, and the ability to work within a team to stand up and mature the cybersecurity capabilities of our customer.

Primary Responsibilities:

- Lead, manage, and understand the entire endpoint security lifecycle: obtain visibility, minimize the attack surface, prevent and detect threats, investigate and respond, and remediate
- Deploy, configure, operate, monitor, tune, upgrade, and troubleshoot endpoint security tools
- Collaborate with, guide, and assist engineering in the deployment and centralization of approved endpoint security solutions across multiple FISMA systems
- Use approved tools to scan for, identify, contain, mitigate, and remediate vulnerabilities and intrusions
- Coordinate with engineering to develop and implement plans to apply patches, hot fixes, and other critical updates as needed
- Build queries, dashboards, and reports for enterprise and leadership awareness
- Work with technical support staff to troubleshoot endpoint tool issues and outages
- Develop and maintain policies and tasks for all related endpoint products
- Develop Standard Operating Procedures (SOPs) for the operation and maintenance of endpoint security tools
- Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards
- Research, evaluate, and recommend new security tools, techniques, and technologies, and introduce them to the enterprise in alignment with the IT security strategy

Required Qualifications:

- BS degree in Science, Technology, Engineering, Math, or a related field and 8+ years of prior relevant experience with a focus on cybersecurity. Additional experience may be considered in lieu of a degree.
- Strong foundational security knowledge, specifically in large and complex organizations
- Prior experience deploying and managing advanced endpoint security solutions: Endpoint Protection (EPP) and Endpoint Detection and Response (EDR), e.g. McAfee MVISION, CrowdStrike, CarbonBlack, Microsoft Defender, Sophos, SentinelOne
- Prior experience implementing and maintaining CyberArk
- Understanding of the current security threat landscape and attack techniques on endpoints
- At least one of the following certifications: SANS GCIA, GCIH, GCFA, GCFE, GREM, GISF, GXPN, GWEB, GNFA, GMON; Offensive Security OSCP, OSCE, OSWP, OSEE; ISC2 CCFP, CISSP; EC-Council CEH, CHFI, LPT, ECSA, ECIH
- A desire to learn, combined with a collaborative work style and a strong personal work ethic
- Strong communication and presentation skills, both verbal and written
- Department of Homeland Security (DHS) Entry on Duty (EOD) is required to support this program

Desired Qualifications:

- Certifications in relevant security products would be beneficial (e.g., Tanium Certified Operator / Administrator, CrowdStrike Certified Falcon Administrator / Responder / Hunter)
- Direct support of SOC analysts and/or experience working in a SOC a plus
- Familiarity with frameworks such as MITRE ATT&CK a plus
- Knowledge and understanding of how to create and implement custom signatures to detect attack behaviors and patterns, e.g. Indicators of Attack (IOA) detection rules
- Experience with triaging and investigating hosts through EDR and EPP solutions