Software Guidance & Assistance, Inc., (SGA), is searching for a
Cyber Security/CrowdStrike Engineer for a
contract-to-hire assignment with one of our premier
pharmaceutical clients based on the
East Coast.
100% remote but must be able to work an EST schedule. As the Engineer III Cybersecurity Operations and Incident Response Engineer with a focus on EDR (CrowdStrike), you will be a pivotal member of our global cybersecurity operations and incident response team. Your role will involve providing strategic oversight and leadership in the detection, alerting, and investigation of EDR incidents. You will leverage your extensive experience to protect sensitive healthcare data and ensure compliance with healthcare regulations.
Responsibilities :
- Lead the review and management of EDR alerts.
- Responsible for responding, detecting and maintaining CrowdStrike Endpoint Detection and Response (EDR) SEIM policies.
- Collaborate with security teams to enhance threat detection and response capabilities.
- Conduct regular system monitoring, tuning, and optimization to ensure optimal performance.
- Develop and maintain documentation related to CrowdStrike EDR configurations and processes and runbooks.
- Oversee and guide EDR events investigations and provide escalation management.
- Identify DLP ruleset tuning opportunities and implement recommendations.
- Develop and refine technology infrastructure and operational processes for effective incident response.
- Create and maintain operational runbooks and response procedures.
- Conduct root cause analysis, identifying indicators of attack or compromise, and attack vectors.
- Deliver comprehensive verbal and written reports to senior management, including insights and recommendations for improving EDR protection and response.
- Stay updated with the latest trends and technologies in cybersecurity.
- Collaborate with other cybersecurity teams to integrate EDR (Crowdstrike) strategies with broader security initiatives and healthcare-specific requirements.
- Mentor and develop junior cybersecurity engineers, fostering a culture of continuous learning and improvement.
- Participate in on-call rotation (including weekends) to ensure continuous operations.
- Lead internal incident response exercises and drills.
EXPERIENCE, SKILLS, AND EDUCATIONAL REQUIREMENTS:
Must have:
- 5+ years' experience in areas of DLP, data classification, and/or data protection, preferably in a healthcare environment.
- Experience with Unix/Linux/Windows Operating Systems.
- Experience presenting technical information to both technical and non-technical audiences, including senior management.
- Bachelor's or Master's Degree in Cybersecurity, Risk Analysis, Computer Science, Information Systems, or a related field, or equivalent work experience.
- Deep familiarity with regulatory requirements and industry standards related to data protection and cybersecurity (e.g., GDPR, CCPA, HIPAA, ISO 27001).
Nice to have:
- Working knowledge of Shell/Bash/Python.
- Firsthand experience with SIEM, IDS/IPS, EDR and other security technologies.
- Relevant certifications (e.g., CISSP, CISM, CEH, GIAC) are a plus.
SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at https://sgainc.com/ .
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company EEO page to request an accommodation or assistance regarding our policy.