Carbon Black Endpoint Security Engineer

Company: Booz Allen
Location: Washington, DC, USA; Honolulu, HI, USA; Tampa, FL, USA; Hyattsville, MD, USA; Reston, VA, USA; Norfolk, VA, USA; Charlottesville, VA, USA
Salary: $75600 – $172000
Type: Full-Time
Degrees: Bachelor’s, Associate’s
Experience Level: Senior

Requirements

  • 5+ years of experience in endpoint security, including EDR, threat intelligence, and incident response
  • 2+ years of experience with implementation, management, and maintenance of VMware Carbon Black solutions, including Carbon Black Cloud, App Control, Endpoint Detection and Response (EDR), and Capture Client
  • 2+ years of experience leading migrations, deployments, and configurations of Carbon Black products across physical, virtual, and cloud environments
  • Experience with cloud-based platforms such as AWS, Microsoft Azure, Google Cloud Platform, and VMware Cloud
  • Experience engaging with stakeholders throughout the enterprise, including security analysts, IT teams, business leaders, and customers
  • Ability to participate in on-call rotation for after-hours support
  • Active TS/SCI clearance; willingness to take a polygraph exam
  • HS diploma or GED and 7+ years of experience supporting IT projects and activities, Associate’s degree and 5+ years of experience supporting IT projects and activities, or Bachelor’s degree and 3+ years of experience supporting IT projects and activities
  • DoD 8570 IAT Level II Certification, including CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, or SSCP Certification

Responsibilities

  • Ensure that the customer technology solutions meet the highest standards of security, performance, and scalability with a particular focus on endpoint security.
  • Provide thought leadership on emerging trends and best practices in endpoint security and ensure that the customer technology strategy reflects the latest developments in the field.
  • Drive continuous improvement in the program’s endpoint security operations, policies, and procedures, including incident response and vulnerability management.
  • Provide technical expertise and guidance to the customer security analysts and IT teams.
  • Develop, configure, and optimize policies and rules within Carbon Black products to enhance threat detection, prevention, and response capabilities.
  • Develop and maintain comprehensive documentation for Carbon Black configurations, procedures, and best practices.
  • Collaborate with other cybersecurity and IT teams to ensure a coordinated approach to security challenges.
  • Evaluate and integrate new security technologies to enhance the organization’s cybersecurity posture.
  • Provide training and technical guidance to other team members on Carbon Black products and best practices.

Preferred Qualifications

  • Experience with scripting languages such as Python or PowerShell
  • Experience installing and configuring various COTS products
  • Experience providing physical and virtual support, maintenance, and security for Linux, Windows Servers, and Windows Desktops
  • Experience working as or with a Cyber Technology Officer (CTO)
  • Experience with Authentication and Account Management such as Active Directory, DNS, LDAP, TACACS, Local, or KVM
  • Experience with virtualization such as VMware, ESXi, or vCenter
  • Experience tracking and resolving incidents via ticket queue
  • Possession of excellent written and verbal communication and interpersonal skills
  • Possession of excellent analytical skills to analyze and interpret security logs, system logs, and other security-related data
  • DoD 8570 Cybersecurity Provider – Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification