Endpoint Detection and Response Engineer
• Identify and assess customer information technology infrastructure regarding risks and vulnerabilities.
• Document, communicate and recommend steps to resolve the risks and issues associated with security vulnerabilities across the customer IT environment.
• Provide, maintain and administer endpoint security management tools: anti-virus, data loss prevention, web filtering and spam filtering across customer IT environment, authorized users, data center and network assets such as McAfee, Arctic Wolf, Binary Defense, CrowdStrike Falcon, Cybereason, Deepwatch, Sentire, Expel, FireEye, Carbon Black, Palo Alto Cortex, Elastic Security and Microsoft Endpoint Manager.
• Document, maintain and manage DLP (host and network) existing equipment, software and tools.
• Manage DLP rules based on customer policies and procedures.
• Notify customer of viruses and system vulnerabilities or threats that could lead to adverse effects on customer.
• Prepare and maintain solution documentation, including security, configuration and CONOPS.
• Work closely with engineering and test teams and participate in technical and meetings with Agency technical specialists.
• Work with service delivery team in developing agency-specific designs and policies to include working directly with agency technical and security SMEs.
• Document, publish and maintain a knowledge base of information pertaining to the functionality, processes and procedures related to the tools.
• Apply technical expertise in implementing efficiencies and creating strategies to better detect and respond to cyber incidents by prioritizing mitigation actions.
• Due to the nature of the government contract requirements and/or clearance requirements, US citizenship is required as well as successful passing of CGI background check prior to beginning work. In addition, candidates must have ability to obtain and maintain a DHS EOD/Public Trust clearance.
• Bachelor’s degree and 8+ years of related experience. Four additional years of relevant work experience may substitute for a degree.
• Experience configuring and integrating COTS software in support of enterprise security solutions.
• Must be able to analyze and clarify customer technical inquiries.
• Must be able to analyze vulnerability scan results, system audits, log events and troubleshoot software issues.
• Experience with threat hunting tactics, techniques and procedures.
• Knowledge of cyber attack stages, including reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation and covering tracks.
• Experience integrating layered security using network security architecture concepts using defense in depth and zero trust.
• Knowledge of malware analysis concepts and incident handling methodologies.
• Experience designing, deploying and integrating enterprise endpoint management systems.
• Experience managing agent-based end-point packages.
• Hands on experience with EDR tools.
• Must have strong communication skills and a solid understanding of IT security concepts to include vulnerability and patch management, security operations, incident management and incident response.
• Must be able to work with other team members and groups, work with competing priorities and possess strong customer focus.
• Ability to establish working relations at all organizational levels and demonstrate ability to diplomatically and effectively deal with government officials and program office stakeholders.
How to Apply:
Apply online at https://www.cgi.com/en/careers
Visit Site to Apply