-
Summary
Job Title: Endpoint Security Engineer / Operational Support
Skills: Microsoft Defender and CrowdStrike Falcon
Location: prefer Chicago, Southfield, MI
Job Type: Full Time
• Senior Endpoint Security Engineer / Operational Support (Microsoft Defender & CrowdStrike)
• We are seeking a highly skilled Endpoint Security Engineer / Operational to lead the design, engineering, and optimization of enterprise endpoint protection platforms, specifically Microsoft Defender and CrowdStrike Falcon.
• This role will focus on building scalable security architectures, driving automation, and enhancing detection and response capabilities across a global environment.
• This individual will operate at both a hands-on engineering level and a strategic Operational level, ensuring alignment with enterprise security standards and zero trust principles.
• Key Responsibilities, Architecture & Strategy Evolve endpoint security architecture leveraging Microsoft Defender suite (Defender for Endpoint, Defender for Cloud, Defender for Identity) and CrowdStrike Falcon.
• Provide operational support for endpoint detection, response, and prevention capabilities aligned with enterprise security strategy.
• Establish and enforce security baselines, policies, and standards across all endpoints.
• Provide architectural guidance for integrations with SIEM, SOAR, and identity platforms.
• Engineering & Implementation Ensure and support deployment and optimize Microsoft Defender and CrowdStrike Falcon sensors across enterprise environments.
• Lead advanced configuration of: Endpoint Detection & Response (EDR).
• Attack Surface Reduction (ASR) rules
• Behavioural analytics and threat intelligence.
• Develop and maintain detection rules, custom indicators, and threat hunting queries.
• Engineer automation workflows for incident response using our SOAR platforms.(TORQ).
• Integration & Automation.
• Integrate Defender and CrowdStrike with enterprise tools such as: • SIEM (e.g., Microsoft Sentinel, Splunk) • SOAR platforms (e.g., Torq, Cortex XSOAR)
• Identity providers (Azure AD / Entra ID)
• Build API-based integrations and automation pipelines to streamline security operations.
• Enable telemetry ingestion into centralized data platforms (e.g., Databricks, Power BI). Collaboration & Advisory
• Work closely with Security Operations, Infrastructure, and Cloud teams.
• Provide technical leadership and mentorship to junior engineers.
• Act as a subject matter expert for endpoint security technologies.
• Support vendor evaluations and proof-of-concept initiatives.
• 5+ years of experience in endpoint security engineering and operational roles. -
Job Description
Job Title: Endpoint Security Engineer / Operational Support
Skills: Microsoft Defender and CrowdStrike Falcon
Location: prefer Chicago, Southfield, MI
Job Type: Full Time
• Senior Endpoint Security Engineer / Operational Support (Microsoft Defender & CrowdStrike)
• We are seeking a highly skilled Endpoint Security Engineer / Operational to lead the design, engineering, and optimization of enterprise endpoint protection platforms, specifically Microsoft Defender and CrowdStrike Falcon.
• This role will focus on building scalable security architectures, driving automation, and enhancing detection and response capabilities across a global environment.
• This individual will operate at both a hands-on engineering level and a strategic Operational level, ensuring alignment with enterprise security standards and zero trust principles.
• Key Responsibilities, Architecture & Strategy Evolve endpoint security architecture leveraging Microsoft Defender suite (Defender for Endpoint, Defender for Cloud, Defender for Identity) and CrowdStrike Falcon.
• Provide operational support for endpoint detection, response, and prevention capabilities aligned with enterprise security strategy.
• Establish and enforce security baselines, policies, and standards across all endpoints.
• Provide architectural guidance for integrations with SIEM, SOAR, and identity platforms.
• Engineering & Implementation Ensure and support deployment and optimize Microsoft Defender and CrowdStrike Falcon sensors across enterprise environments.
• Lead advanced configuration of: Endpoint Detection & Response (EDR).
• Attack Surface Reduction (ASR) rules
• Behavioural analytics and threat intelligence.
• Develop and maintain detection rules, custom indicators, and threat hunting queries.
• Engineer automation workflows for incident response using our SOAR platforms.(TORQ).
• Integration & Automation.
• Integrate Defender and CrowdStrike with enterprise tools such as: • SIEM (e.g., Microsoft Sentinel, Splunk) • SOAR platforms (e.g., Torq, Cortex XSOAR)
• Identity providers (Azure AD / Entra ID)
• Build API-based integrations and automation pipelines to streamline security operations.
• Enable telemetry ingestion into centralized data platforms (e.g., Databricks, Power BI). Collaboration & Advisory
• Work closely with Security Operations, Infrastructure, and Cloud teams.
• Provide technical leadership and mentorship to junior engineers.
• Act as a subject matter expert for endpoint security technologies.
• Support vendor evaluations and proof-of-concept initiatives.
• 5+ years of experience in endpoint security engineering and operational roles. -
ABOUT THE COMPANY
-
-
Government Careers
Show moreGovernment jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.
Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.
Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.
-