Seeking an experienced Endpoint Security and Incident Response Specialist to lead enterprise cybersecurity operations. Role requires SME expertise in CrowdStrike Falcon and SecureWorks, focusing on incident response, threat detection, and platform administration. Key requirements include extensive experience in incident response, API integrations, EDR management, and scripting.
Job Description
Endpoint Security / Incident Response Specialist
Location: Fully Remote (U.S.); must be based in the Pacific (PST) time zone
Overview
We are seeking a highly experienced Endpoint Security and Incident Response Specialist to support enterprise-level cybersecurity operations. This role will serve as a subject matter expert (SME) in CrowdStrike Falcon and SecureWorks platforms, leading incident response efforts, endpoint protection strategies, and advanced threat detection across a complex environment.
Key Responsibilities
- Lead and execute incident response activities in a large enterprise environment, including investigation, containment, and remediation of security events
- Serve as SME for CrowdStrike Falcon, managing platform configuration, optimization, and ongoing administration across multiple environments
- Configure and maintain telemetry API integrations across SIEM, XDR, and endpoint security tools
- Administer Endpoint Detection & Response (EDR) platforms, including:
  - Prevention policies
  - IOA exclusions
  - USB device control
  - Firewall configurations
  - Fusion SOAR workflow automation
- Perform advanced threat hunting using endpoint and data protection tools to proactively identify risks
- Analyze malware, utilize threat intelligence feeds, and conduct sandbox analysis to support detection and response efforts
- Develop automation using scripting languages (PowerShell, Python, Bash) to enhance security operations and response times
- Integrate and manage APIs for reporting, automation, and tool interoperability
- Generate and deliver security reports using APIs and platform-native reporting tools
- Collaborate with cross-functional teams to ensure effective monitoring, detection, and response across the enterprise
Required Qualifications
- 3+ years (within last 4 years): Enterprise incident response experience
- 3+ years (within last 4 years): Telemetry API integrations with SIEM/XDR tools
- 6+ years (within last 8 years):
  - Managing CrowdStrike Falcon and SecureWorks platforms
  - Administering EDR tools (policies, IOAs, device control, SOAR workflows)
  - Malware analysis, threat intelligence, and sandboxing
- 5+ years: Experience with virtualization/VDI and cloud SaaS environments
- 4+ years: Scripting/programming with PowerShell, Python, or Bash
- 2+ years: API integration and automation experience
- Bachelor’s degree or equivalent experience