Endpoint Security Engineer Lead
Not Disclosed•Full-TimeHybrid
location_on3018, 10th Street North, Clarendon, Arlington, Arlington County, Virginia, 22201, United States
About the Team
Tetrad Digital Integrity (TDI) is a cybersecurity firm built for high-consequence environments where mission, complexity, and trust intersect. For 25 years, our single focus has been delivering cyber solutions to effectively manage risk and the business of cyber.
About the Role
We are seeking a Lead Endpoint Security Engineer to support a highly visible and strategic Cybersecurity Task Order for a federal customer. This role serves as the primary technical authority for CrowdStrike, guiding best practices while overseeing the deployment and maintenance of agents to ensure full endpoint coverage.
As a self-starter with excellent analytical and problem-solving skills, you will collaborate with internal teams to ensure systems are secure, scalable, and reliable. Your day-to-day involves leading incident detection, investigation, and response, including threat hunting and malware analysis in collaboration with the SOC. You will also integrate CrowdStrike with enterprise security tools, develop automation using Python, PowerShell, or shell scripting, and optimize EDR performance by refining detection logic and developing automated workflows.
This position is hybrid, requiring a commute to the Arlington, VA area.
Hiring Process
Candidates must be able to obtain a Public Trust clearance and successfully complete the EOD process. TDI restricts employment to individuals who are either US citizens or lawful permanent residents of the United States due to federal government business requirements.
Equal Opportunity
TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws.
Work location
Work model: Hybrid
3018, 10th Street North, Clarendon, Arlington, Arlington County, Virginia, 22201, United States
Arlington, Virginia
Key Responsibilities
- check_circleLead incident detection, investigation, and response using CrowdStrike including threat hunting and malware analysis
- check_circleDeploy, configure, and manage CrowdStrike Falcon EDR across enterprise environments ensuring policy enforcement
- check_circleIntegrate CrowdStrike with enterprise security tools and develop automation using Python, PowerShell, or shell scripting
- check_circleOptimize EDR performance by refining detection logic and developing automated workflows and playbooks
- check_circleEnsure endpoint security architecture aligns with enterprise objectives, regulatory requirements, and compliance standards
- check_circleMaintain system health through backend administration, monitoring, and log management including operational scripting
- check_circleDevelop and maintain documentation, SOPs, and knowledge base articles to support consistent security operations
- check_circleProduce detailed reports on incidents, root cause analysis, and technical assessments to drive continuous improvement
- check_circleServe as primary technical authority for CrowdStrike to guide best practices and oversee agent deployment
Requirements
- verifiedAbility to obtain Public Trust clearance
- verifiedBachelor's degree in STEM or related field with 12-15 years experience OR Master's with 10 years
- verifiedCrowdStrike certification (e.g., CCFR, CCFP)
- verifiedUS citizen or lawful permanent resident
- verifiedProficiency in Python, PowerShell, or Bash scripting
- verifiedKnowledge of NIST or MITRE ATT&CK frameworks
- verifiedExperience with SIEM integrations
- verifiedUnderstanding of Windows, Linux, and macOS operating systems
Nice to Have
Experience automating management tasks with Ansible, Puppet, or Chef. Experience working with SIEM tools such as Splunk. Experience working in AWS and Azure. Experience with Wiz, Sepio, TVM, and Nucleus.
Similar Job Opportunities
Skills, education and keywords
Skills: Crowdstrike, Crowdstrike CCFP.
Education: Bachelor's degree in Science, Technology, Engineering or related field with 12-15 years experience; Master's degree with 10 years of prior relevant experience.
Frequently asked questions about Endpoint Security Engineer Lead at TDI (Tetrad Digital Integrity)
What does a Endpoint Security Engineer Lead at TDI (Tetrad Digital Integrity) do?expand_more
In this Endpoint Security Engineer Lead at TDI (Tetrad Digital Integrity) role, you will lead incident detection, investigation, and response using crowdstrike including threat hunting and malware analysis; deploy, configure, and manage crowdstrike falcon edr across enterprise environments ensuring policy enforcement; integrate crowdstrike with enterprise security tools and develop automation using python, powershell, or shell scripting; and optimize edr performance by refining detection logic and developing automated workflows and playbooks.
What are the requirements for this Endpoint Security Engineer Lead role?expand_more
TDI (Tetrad Digital Integrity) is looking for candidates who meet the following requirements: Ability to obtain Public Trust clearance; Bachelor's degree in STEM or related field with 12-15 years experience OR Master's with 10 years; CrowdStrike certification (e.g., CCFR, CCFP); US citizen or lawful permanent resident; Proficiency in Python, PowerShell, or Bash scripting; and Knowledge of NIST or MITRE ATT&CK frameworks.
Where is the Endpoint Security Engineer Lead role at TDI (Tetrad Digital Integrity) located?expand_more
Endpoint Security Engineer Lead at TDI (Tetrad Digital Integrity) is based in 3018, 10th Street North, Clarendon, Arlington, Arlington County, Virginia, 22201, United States. This is a hybrid role.
Is this Endpoint Security Engineer Lead job remote, hybrid, or on-site?expand_more
TDI (Tetrad Digital Integrity) has listed this Endpoint Security Engineer Lead role as hybrid.
How much experience is required for this Endpoint Security Engineer Lead role?expand_more
Endpoint Security Engineer Lead at TDI (Tetrad Digital Integrity) typically requires 10–15 years of relevant experience at the lead level.
What skills do you need for the Endpoint Security Engineer Lead role at TDI (Tetrad Digital Integrity)?expand_more
Key skills for Endpoint Security Engineer Lead at TDI (Tetrad Digital Integrity) include Crowdstrike; and Crowdstrike CCFP.
What education is required for Endpoint Security Engineer Lead at TDI (Tetrad Digital Integrity)?expand_more
Educational requirements for this role: Bachelor's degree in Science, Technology, Engineering or related field with 12-15 years experience; and Master's degree with 10 years of prior relevant experience.
What category does the Endpoint Security Engineer Lead role belong to?expand_more
Endpoint Security Engineer Lead at TDI (Tetrad Digital Integrity) is part of the it job category on Recrutus.