Endpoint Detection and Threat Hunting Analyst

  • Type: Contract
  • Job #104468

Endpoint Security / Incident Response Specialist

Location: Fully Remote (U.S.)

Overview

We are seeking a highly experienced Endpoint Security and Incident Response Specialist to support enterprise-level cybersecurity operations. This role will serve as a subject matter expert (SME) in CrowdStrike Falcon and SecureWorks platforms, leading incident response efforts, endpoint protection strategies, and advanced threat detection across a complex environment.
Key Responsibilities

  • Lead and execute incident response activities in a large enterprise environment, including investigation, containment, and remediation of security events
  • Serve as SME for CrowdStrike Falcon, managing platform configuration, optimization, and ongoing administration across multiple environments
  • Configure and maintain telemetry API integrations across SIEM, XDR, and endpoint security tools
  • Administer Endpoint Detection & Response (EDR) platforms, including:
    • Prevention policies
    • IOA exclusions
    • USB device control
    • Firewall configurations
    • Fusion SOAR workflow automation
  • Perform advanced threat hunting using endpoint and data protection tools to proactively identify risks
  • Analyze malware, utilize threat intelligence feeds, and conduct sandbox analysis to support detection and response efforts
  • Develop automation using scripting languages (PowerShell, Python, Bash) to enhance security operations and response times
  • Integrate and manage APIs for reporting, automation, and tool interoperability
  • Generate and deliver security reports using APIs and platform-native reporting tools
  • Collaborate with cross-functional teams to ensure effective monitoring, detection, and response across the enterprise

Required Qualifications

  • 3+ years (within last 4 years): Enterprise incident response experience
  • 3+ years (within last 4 years): Telemetry API integrations with SIEM/XDR tools
  • 6+ years (within last 8 years):
    • Managing CrowdStrike Falcon and SecureWorks platforms
    • Administering EDR tools (policies, IOAs, device control, SOAR workflows)
    • Malware analysis, threat intelligence, and sandboxing
  • 5+ years: Experience with virtualization/VDI and cloud SaaS environments
  • 4+ years: Scripting/programming with PowerShell, Python, or Bash
  • 2+ years: API integration and automation experience
  • Bachelor’s degree or equivalent experience

#LI-BP1
