Charles Schwab
The Senior CrowdStrike Engineer is an individual contributor supporting endpoint security technologies, threat monitoring, and management at Schwab Cybersecurity Services.
This role leads the security and infrastructure teams on the design, engineering, and implementation of technology solutions to ensure secure endpoints.
Advanced knowledge of the risk and endpoint security landscape is required to implement and maintain impactful security solutions.
What You’re Good At
Lead engineering efforts and implementation of endpoint security capabilities in CrowdStrike including EDR, NG‑SIEM, DLP, IDP, and Zero Trust.
Drive the implementation and adoption of CrowdStrike modules while ensuring all regulatory and compliance standards are met.
Collaborate with product and project teams to understand needs and enable security products.
Provide strong analysis and decision‑making skills; identify opportunities to mature endpoint security offerings, participate in technical cross‑functional sessions, and ensure adherence to change and configuration management principles.
Assess issues and develop resolutions to meet productivity, quality goals, and objectives.
What You Have
A proven track record of implementing enterprise security solutions including design, configuration, installation, customization, automation, and optimization of tools.
Experience and Skills
5+ years of experience configuring and maturing endpoint security programs, with at least 3 years of hands‑on expertise in CrowdStrike Falcon (EDR, Identity Protection, Data Protection, Exposure Management, SaaS Security, NG‑SIEM, Fusion, CWP, or FIM).
Proven track record of deploying, configuring, and tuning CrowdStrike agents across enterprise environments (Windows, macOS, Linux).
Strong understanding of EDR, threat hunting, IOC/IOA development, and real‑time response (RTR).
Experience writing and updating queries using CrowdStrike Query Language or similar SIEM query languages such as Splunk.
Experience integrating CrowdStrike with SIEM/SOAR platforms.
Experience integrating multiple security tools to provide enhanced visibility and monitoring capabilities.
Experience developing advanced workflows leveraging the CrowdStrike platform.
Ability to leverage CrowdStrike telemetry to support incident response investigations.
Comfortable collaborating with SOC, threat intel, and infrastructure teams to refine detection logic and reduce false positives.
Knowledge of MITRE ATT&CK, malware behaviors, and threat actor TTPs as they relate to endpoint security.
Advanced experience with scripting (PowerShell, CQL, Python, Bash) for automation and custom response actions.
Develop and report enterprise‑level metrics for endpoint security controls.
Architect solutions (initial state, transition, final state architectures).
Provide compliance and audit evidence for monitored systems.
Document, publish, and maintain a knowledge base of information pertaining to the functionality, processes, and procedures related to the supported tools.
Endpoint Security Focused Technologies
CrowdStrike
SIEM/SOAR
DLP
FIM
Red Team
Penetration testing
Incident management and response
Qualifications
More than 7 years of progressive experience in cybersecurity engineering.
CrowdStrike certifications (e.g., CCFR, CCFP) are highly desirable.
Advanced experience administering and managing CrowdStrike environments, including Data Protection, Identity Protection, FIM, Next‑Gen SIEM, Cloud Security, and Fusion Workflows.
Ability to identify security risks and weaknesses and provide remediation recommendations.
Demonstrated experience and expertise with multiple security controls across multiple domains.
Bachelor’s Degree in Computer Science, Engineering, or related field required.
CISSP, CISM, or other relevant industry certifications preferred.
Benefits
Competitive salary range.
Bonus and incentive opportunities.
401(k) with company match and Employee Stock Purchase Plan.
Paid time for vacation, volunteering, and a 28‑day sabbatical after every 5 years of service for eligible positions.
Paid parental leave and family building benefits.
Tuition reimbursement.
Health, dental, and vision insurance.
At Schwab, you’re empowered to shape your future.
We champion your growth through meaningful work, continuous learning, and a culture of trust and collaboration—so you can build the skills to make a lasting impact.