Remote Information Security Engineer II (EDR)

Full Time
Illinois
Job description

We have an immediate need for a Remote Information Security Engineer II (Endpoint Detection and Response) for a 6-month contract. The Endpoint Detection and Response (EDR) Engineer will help design, deploy, configure, optimize, and validate next-generation endpoint security solutions for customers. You’ll work with in-house teams to identify the right mix of tools, techniques, and procedures to translate our customers’ needs and future goals into a plan that will enable secure and effective solutions.

Location: Remote
Duration: 6 Months
Pay Range: $40-$60/hr w2
Client: Fortune 100 Telecommunications Company

Responsibilities:

  • Triage alerts and determine if further investigation or action is required by the customer.
  • Assist customers with the investigation and response of incidents throughout the incident response process.
  • Perform investigations of customer requests and be able to provide further contextual information along with recommended actions.
  • Proactively threat hunt using network and host data within customer environments
  • Mentor junior engineers

Ideal Candidate:

  • Ability to Obtain Government Suitability Clearance Required
  • 3+ years of experience supporting enterprise EDR solutions, including Carbon Black EDR, SentinelOne, FireEye HX, McAfee, Tanium, etc.
  • 3+ years of experience working in a Security Operations Center (SOC) environment, leveraging EDR tools (CrowdStrike Falcon is a plus) to support incident response, vulnerability scanning, threat hunting, network monitoring and log management, and compliance management activities.
  • Experience with optimization of EDR solutions, including refinement of the data produced, development of automated workflows or playbooks, and integration of the EDR data with enterprise solutions, including SIEM, ITSM, and TIP solutions.
  • Ability to analyze packet captures/data and logs to perform incident response and identify potential compromises to customer networks.
  • Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and common TTPs (tactics, techniques, and procedures) used by threat actors.
  • Experience with providing support in a Tier I or II IT operations and maintenance role, including ticket work information updates, issue responses, and remediation.
  • Experience using ticketing systems for tracking (JIRA, Remedy, ServiceNow, etc.)

*No C2C or 3rd party candidates. Client requires candidates to be a US Citizen.

If qualified, interested, and available (or know of somebody who is), please reply back with an updated resume and pay requirements for immediate consideration to chris.whalen@comcentric.com
