Charles Schwab · 19 hours ago
Senior CrowdStrike Engineer (Endpoint Security)
Charles Schwab is seeking a Senior CrowdStrike Engineer to support endpoint security technologies within their Cybersecurity Services. This role involves leading engineering efforts for endpoint security capabilities in CrowdStrike, ensuring compliance with regulatory standards, and collaborating with various teams to enhance security solutions.
Financial Services
Responsibilities
Leading the engineering efforts and implementation of endpoint security capabilities in CrowdStrike including EDR, NG-SIEM, DLP, IDP, and Zero Trust
Leading the implementation and adoption of CrowdStrike modules while ensuring all regulatory and compliance standards are met
Collaborating with product and project teams to understand their needs and enable them with security products
Strong analysis and decision-making skills with the ability to identify opportunities to mature endpoint security offerings, participate in technical cross-functional sessions, and ensure adherence to change and configuration management principles
Assessing issues and developing resolutions to meet productivity, quality goals, and objectives
A proven track record of experience in implementing enterprise security solutions including design, configuration, installation, customization, automation, and optimization of tools
Experience configuring and maturing endpoint security programs, with at least 3 years of hands-on expertise in CrowdStrike Falcon (including EDR, Identity Protection, Data Protection, Exposure Management, SaaS Security, NG-SIEM, Fusion, CWP, or FIM)
Proven track record of deploying, configuring, and tuning CrowdStrike agents across enterprise environments (Windows, macOS, Linux)
Strong understanding of endpoint detection and response (EDR), threat hunting, IOC/IOA development, and real-time response (RTR)
Experience writing and updating queries using CrowdStrike Query Language, or similar SIEM query language such as Splunk
Experience integrating CrowdStrike with SIEM/SOAR platforms
Experience integrating multiple security tools to provide enhanced visibility and monitoring capabilities
Experience developing advanced workflows leveraging the CrowdStrike platform
Ability to leverage CrowdStrike telemetry to support incident response investigations
Comfortable collaborating with SOC, threat intel, and infrastructure teams to refine detection logic and reduce false positives
Knowledge of MITRE ATT&CK, malware behaviors, and threat actor TTPs as they relate to endpoint security
Advanced experience with scripting (PowerShell, CQL, Python, Bash) for automation and custom response actions
Develop and report enterprise-level metrics for endpoint security controls
Architect solutions (initial state, transition, final state architectures)
Provide compliance and audit evidence for monitored systems
Document, publish, and maintain a knowledge base of information pertaining to the functionality, processes, and procedures related to the supported tools
Qualification
Required
5+ years of experience configuring and maturing endpoint security programs, with at least 3 years of hands-on expertise in CrowdStrike Falcon (including EDR, Identity Protection, Data Protection, Exposure Management, SaaS Security, NG-SIEM, Fusion, CWP, or FIM)
More than 7 years of progressive experience in cybersecurity engineering
Bachelor's Degree in Computer Science, Engineering, or related field required
Preferred
CrowdStrike certifications (e.g., CCFR, CCFP) are highly desirable
CISSP, CISM, or other relevant information security industry recognized certification preferred
Benefits
Eligible for bonus or incentive opportunities
Company
Charles Schwab
We have plans for every turn you take.
H1B Sponsorship
Charles Schwab has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data powered by the US Department of Labor)
Trends of Total Sponsorships
2025 (579)
2024 (468)
2023 (455)
2022 (705)
2021 (483)
2020 (282)
Funding
Current Stage
Late Stage
Recent News
2025-10-04
Company data provided by Crunchbase