TEKsystems Tier 3 (Security Engineer) EDR Specialist in Austin, Texas
The Tier 3 Security Engineer – Endpoint Detect and Respond (EDR) Specialist is expected to have experience in configuring, tuning, and managing various EDR security tools, preferably within a Managed Security Services Provider (MSSP) environment. Expertise with the products offered by one or more of the following vendors is required: SentinelOne (preferred), Crowdstrike, McAfee.
Experience with firewall and IDS tuning, configuration, and management is a plus.
The Tier 3 Security Engineer – EDR Specialist provides support to Security Operations in the management and tuning of various EDR solutions to provide optimal service levels to multiple customers and customer environments. This may include managing and optimizing custom configurations for individual customers. This individual will be required to use an ITSM ticketing system to track and record work performed in tuning EDR solutions, providing accounts, and creating and managing change processes for applying patches and performing upgrades to various EDR platforms.
Tier 3 Security Engineers are responsible for:
• Determining service impact of security tools.
• Alerting SOC (Security Operations Centers) of possible impacts due to misconfigurations and/or Updates.
• Working tickets via ticketing system.
• Creating tickets for various needs of Security Engineering.
• Research and data collection of events of interest to tune security tools.
• Engaging support of Tier 3 Analysts, Network Operations Center (NOC), Network Engineers and/or the CSIRT (Computer Security Incident Response Team) when necessary.
• Developing and deploying Indicators of Compromise (IOCs) and associated rules.
• Creating documentation for security tools.
• Document and escalate requests for tuning, upgrades, account creations, and patching of security tools.
• Receive and analyze requests for tuning.
• Provide timely responses to requests for tuning and change management.
• Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
• Assist in the construction of signatures which can be implemented on security tools in response to new or observed threats within the network environment or enclave.
• Provide guidance and mentorship to Tier 2 Security Engineering personnel.
• Contribute to the creation of process documentation and training materials.
• Be able to work a rotating on-call schedule as required.
• Be able to work nights and weekends, as required, for maintenance and incident response.
Qualifying Experience and Attributes
• Three (3) to five (5) years of Security Engineering, security tool administration and/or content creation.
• CompTIA Security+ certification (or equivalent/higher).
• Experience with EDR Solutions from one or more of the following vendors: SentinelOne (preferred), Crowdstrike, or McAfee.
• Experience with other security technologies, such as McAfee NSM, TippingPoint, FireEye, InfoCyte, or the Fortigate suite, is a plus.
• Able to use the internet to do research on events of interest.
• Working knowledge of cybersecurity and privacy principles.
• Working knowledge of cyber threats and vulnerabilities.
• Working knowledge of Intrusion Response in the form of day-to-day network traffic analysis and threat assessment/impact analysis.
• Familiarity with encryption algorithms, cryptography, and cryptographic key management concepts.
• Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
• Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
We are an equal opportunity employer and will consider all applications without regard to race, genetic information, sex, age, color, religion, national origin, veteran status, disability or any other characteristic protected by law. Applicants with disabilities that require an accommodation or assistance a position, please call 888-472-3411 or email firstname.lastname@example.org. This is a dedicated line designed exclusively to assist job seekers whose disability prevents them from being able to apply online. Messages left for other purposes will not receive a response.