Senior Endpoint Detection and Response (EDR) Engineer

LCG, Inc.
$114,600.00 - $138,400.00 / yr
retirement plan
United States, D.C., Washington
Mar 17, 2025

This job opportunity is part of an RFP process; candidates are invited to submit their resumes detailing relevant experience.

Job Title: Senior Endpoint Detection and Response (EDR) Engineer

Work Location: Washington DC (Onsite)

Clearance: Public Trust

Required: US citizen or Lawful Permanent Resident

LCG is a minority-owned technology consulting firm that has been a trusted partner to more than 40 federal agencies, including 21 of the 27 Institutes and Centers (ICs) at the National Institutes of Health (NIH). For over 25 years, LCG has brought digitization and innovation to the Health and Human Services (HHS) and the NIH ecosystems. We support IT organizations by bringing precision technology and operation models that achieve mission capabilities and performance success.

Job Summary:

LCG's Growth Team is seeking an experienced Senior Endpoint Detection and Response (EDR) Engineer. The client promotes financial stability through comprehensive data collection, standardization, and analysis. By gathering critical financial data and providing it to the client and its member agencies, the client ensures consistent reporting and informed decision-making. The client's office conducts both applied and long-term research, develops advanced risk measurement and monitoring tools, and assists regulatory agencies in determining data collection formats. Additionally, the client makes its findings available to financial regulatory bodies, enhancing oversight capabilities and strengthening the resilience of the financial system.

The Senior Endpoint Detection and Response (EDR) Engineer will play a crucial role in strengthening cybersecurity defenses by designing, configuring, optimizing, and deploying CrowdStrike Falcon and Trellix HX agents. This position is responsible for managing the CrowdStrike Falcon Suite, including Next-Gen Antivirus (NGAV), EDR, XDR, and SIEM, as well as Trellix HX, while overseeing firewall configurations, device management, and vulnerability mitigation. As a Subject Matter Expert (SME), the engineer will troubleshoot EDR conflicts, conduct security audits, and collaborate with cross-functional IT teams to enhance security controls. This highly technical role requires expertise in EDR systems, best practices, and emerging security technologies, including deception infrastructure, continuous penetration testing, data loss prevention (DLP), and machine learning capabilities. The engineer will contribute to advancing incident response and overall security maturity by providing strategic recommendations and leveraging new capabilities.

Key Tasks and Responsibilities:

Platform Administration & Security Management

  • Administer and manage the CrowdStrike Falcon platform, ensuring proper user access, permissions, and configurations.
  • Deploy and maintain endpoint security agents across all organizational devices.
  • Monitor and analyze endpoint security data to identify potential threats and vulnerabilities.

Incident Response & Threat Intelligence

  • Investigate and respond to security incidents detected by the CrowdStrike Falcon platform.
  • Conduct root cause analysis and implement appropriate remediation actions.
  • Integrate threat intelligence feeds to enhance detection and response capabilities.
  • Participate in breach and attack simulations, including purple teaming exercises, to test and improve incident response plans.
  • Stay updated on emerging cyber threats and trends.

Policy Management & Compliance

  • Develop, enforce, and optimize security policies within the CrowdStrike Falcon platform.
  • Customize security configurations based on organizational requirements and best practices.
  • Ensure compliance with industry regulations and security standards.
  • Support security audits and assessments to validate adherence to security controls.
  • Recommend and implement best practices for Qualys usage to improve security posture.

Technical Support & Automation

  • Provide troubleshooting and technical support for end-users of the CrowdStrike Falcon platform.
  • Collaborate with CrowdStrike support teams to resolve issues and enhance platform performance.
  • Work with developers to build security automation workflows, enrichments, and mitigations.
  • Apply expertise in monitoring, detecting, and responding to cyber events.
  • Integrate security enforcement points across EDR, IDS/IPS, NDR, SIEM, and XDR systems.

Reporting & Continuous Improvement

  • Maintain detailed documentation of platform configurations, security policies, and incident response procedures.
  • Generate executive-level reports, presentations, and postmortems for key stakeholders.
  • Analyze emerging threats to improve and maintain detection and response capabilities.
  • Leverage AWS EC2, Workspaces, VMware, and network/security appliances to enhance security operations.
  • Continuously evaluate policies and procedures, recommending updates to management as needed.

Qualifications

Education & Certifications

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, Software Engineering, Information Systems, Computer Engineering, or a related field.
  • Preferred Certifications:
    • CrowdStrike Certified Falcon Administrator (preferred).
    • Other relevant certifications (e.g., SentinelOne, Trellix HX, Microsoft Defender).
    • Industry-standard certifications such as CCE, CCFE, CEH, CPT, CREA, GCFE, GCFA, GCIH, GCIA, GIAC, Splunk Core, OSCP, SANS Security 500 Series, or equivalent.

Technical Expertise & Experience

  • 3+ years of experience in EDR deployment, configuration, maintenance, and support of enterprise EDR solutions, including:
    • CrowdStrike Falcon, Carbon Black EDR, SentinelOne, FireEye HX, McAfee MVision, Microsoft Defender for Endpoint (MDE), Tanium, or Elastic Endpoint Protection.
  • 3+ years of experience in CrowdStrike EDR administration, including:
    • Troubleshooting and installation.
    • Monitoring system performance and availability.
    • Performing security upgrades and optimizing configurations.
  • 2+ years of experience in a Security Operations Center (SOC) environment, leveraging EDR tools for:
    • Incident response and threat hunting.
    • Vulnerability scanning and network monitoring.
    • Log management and compliance activities.
  • Experience optimizing EDR solutions by:
    • Refining data output.
    • Developing automated workflows and playbooks.
    • Integrating EDR data with enterprise solutions (SIEM, ITSM, TIP).

Technical Skills & Knowledge

  • Strong knowledge of networking technologies and concepts (routing, switching, network segmentation, etc.).
  • Proficiency in programming and scripting languages, preferably Python and PowerShell.
  • Experience with ServiceNow SecOps and Vulnerability Management (a plus).
  • Strong experience fine-tuning security controls using custom controls and regex.

Communication & Documentation

  • Ability to produce high-quality deliverables, including:
    • Written reports and technical documentation.
    • SOPs, configuration guides, and training materials.
    • Executive-level briefings and presentations.
  • Strong verbal and written communication skills, with the ability to effectively interact with staff at all levels, including executive leadership, customers, and vendors.

Additional Qualities

  • Ability to work effectively under pressure; prior experience in high-stress environments (e.g., emergency medical responder, firefighter) is a plus.
  • Familiarity with security frameworks such as:
    • NIST SP 800-61, MITRE ATT&CK, Kill Chain, SANS Security Controls, OWASP Top 10, and Attack Lifecycle.

Compensation and Benefits

The projected compensation range for this position is $114,600 to $138,400 per year, benchmarked in the Washington, D.C. metropolitan area. The target salary is $125,500. The salary range provided is a good faith estimate representative of all experience levels. Salary at LCG is determined by various factors, including but not limited to role, location, the combination of education/training, knowledge, skills, competencies, certifications, and work experience.

LCG offers a competitive, comprehensive benefits package which includes health insurance options (medical, dental, vision), life and disability insurance, retirement plan contributions, as well as paid leave, federal holidays, professional development, and lifestyle benefits.

Devoted to Fair and Inclusive Practices

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.

If you are interested in applying for employment with LCG and need special assistance or an accommodation to apply for a posted position, contact our Human Resources department by email at hr@lcginc.com.

Securing Your Data

Beware of fraudulent job offers using LCG's name. LCG will never request payment-related details or advancement of money during the application process. Legitimate communication will only come from lcginc.com email addresses or from system@hirebridgemail.com, never from free consumer services such as Gmail or messaging apps such as WhatsApp. If you receive suspicious messages asking for payment or personal information, contact us immediately at hr@lcginc.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.