American International Group
Endpoint Security Lead - CrowdStrike
American International Group, Dallas, Texas, United States, 75215
* Serve as the primary administrator and SME for the CrowdStrike Falcon platform.
* Manage endpoint agent deployment, policy configuration, sensor health, and reporting.
* Work with stakeholders to test, maintain, and enforce prevention policies and procedures on the CrowdStrike Falcon platform.
* Lead endpoint protection posture improvements, including policy tuning and prevention rule updates.
* Ensure sensor coverage and compliance across workstations, servers, and cloud workloads.
* Monitor and triage CrowdStrike alerts, detections, and dashboards.
* Work with SOC and Incident Response teams to investigate and remediate endpoint threats.
* Leverage Falcon Insight and Real Time Response to contain, isolate, and eradicate threats.
* Perform post-incident analysis and implement preventative measures.
* Produce executive-level and operational security reports, including a monthly true-up process reporting CrowdStrike coverage globally.
* Ensure endpoint security posture aligns with frameworks (NIST, CIS, ISO, etc.).
* Support internal/external audits and regulatory compliance requirements.

* Bachelor’s degree in computer science or another technical discipline, or equivalent relevant experience.
* 10+ years in an IT Security Engineering or Operations role with a focus on endpoint security management tools.
* Expert-level knowledge of the CrowdStrike Falcon platform:
  + CrowdStrike DLP
  + Next-Gen SIEM
  + Exposure Management
  + Fusion SOAR
  + Investigate
  + LogScale
  + Host setup and management
  + API configuration
  + Identity Protection
* Intermediate-level knowledge of the following platforms is highly desired:
  + Tanium
  + Microsoft Defender DLP for Endpoint
  + Lookout for Mobile
  + Azure WVD / Citrix
  + Ansible
* Knowledge of cyber security practices, challenges, tools and techniques.
* Recent and relevant experience in vulnerability analysis and exploitation techniques.
* Troubleshoot product issues when necessary, including crash dumps, performance monitoring and release blockers, assisting other teams.
* In-depth knowledge of security controls and hardening baselines such as NIST guidance, CIS Benchmarks and DISA STIGs.
* Familiarity with international security standards and industry frameworks such as ISO 27001/27002, PCI DSS and SOX.
* In-depth knowledge of and expertise with infrastructure hardening and security settings for Windows and Linux.
* Intermediate to expert-level knowledge of Windows and Active Directory, and of Unix/Linux operating systems.
* Good scripting knowledge using PowerShell, Python, and Linux shell is desired.
* Basic knowledge of cloud computing, virtualization concepts and PaaS/SaaS services.
* Strong knowledge of the TCP/IP and HTTP protocols.
* An energetic self-starter who is empowered to take ownership and be accountable for deliverables, both individually and as part of a growing team.
* Team player, able to lead, mentor, communicate, collaborate, and work effectively in a globally distributed team.

* CrowdStrike certifications (CCFA, CCFR, CCES, CCRA).
* Experience with CrowdStrike Identity Protection, Falcon Discover, or Falcon for Mobile.
* Background in large-scale enterprise deployments (50,000+ endpoints).
* Cloud security experience (Azure, AWS, GCP endpoint workloads).
* Experience with MDR or Falcon Complete programs.
* CISSP or other security certification.
* Microsoft Azure or Linux certifications.
* AWS certifications.