Conviso Inc. is seeking a highly skilled CrowdStrike Engineer to lead a small team in the design, deployment, and optimization of the CrowdStrike platform for a DoD organization. The role involves scaling a pilot project to full enterprise deployment while providing ongoing operations and maintenance for the platform.
Responsibilities:
- Lead technical design and implementation of the CrowdStrike platform for a pilot deployment across cloud and endpoint environments. Post-deployment, provide ongoing operations and maintenance (O&M) for the platform
- Experience with full module deployment of CrowdStrike (Falcon Prevent, Insight, Insight XDR, Spotlight, Discover, Device Control, Cloud Security, Identity Protection, FileVantage [FIM], Data Protection, Falcon for IT, Exposure Management, Falcon for Mobile, Falcon Foundry, Falcon X Recon, Falcon Search Retention, Falcon Sandbox)
- Architect scalable solutions for AWS, OCI, and globally distributed managed endpoints
- Define sensor deployment, prevention policies, detection logic, host grouping, identity/access controls, exclusions, and response workflows
- Integrate CrowdStrike with enterprise security tooling such as SIEM, SOAR, ITSM, vulnerability management, and asset inventory platforms
- Develop the technical roadmap to expand the pilot into a secure, supportable enterprise-wide capability, and track progress for reporting up to Senior Executive leaders (both corporate and government executives)
- Create automation for deployment, monitoring, reporting, and operational workflows using scripting and infrastructure/platform tooling
- Support incident response, threat hunting, and detection engineering activities tied to CrowdStrike telemetry and alerts
- Provide technical oversight to administrators and junior staff (up to 4 technical staff); review configurations, troubleshoot escalated issues, and enforce configuration standards. Successful candidates in this role will mentor and train junior staff in technical and functional skills
- Produce engineering documentation, implementation plans, SOPs, runbooks, and transition artifacts for steady-state operations
- Articulate, in verbal and written communications, the relative success or drawbacks of the pilot; provide a recommended technical path forward based on data results from the pilot; troubleshoot and resolve deployment issues in real time
- Work within Agile project teams, attending ceremonies (stand-ups, sprints, retrospectives) and using Jira for ticketing, backlog tracking, and documentation
- Ensure alignment with DoD cybersecurity requirements, enterprise governance, and operational constraints, especially Zero Trust requirements
- Other duties as assigned and operationally required
Requirements:
- 8+ years of experience in cybersecurity, endpoint security, systems security, or security engineering
- 6+ years of hands-on experience with CrowdStrike administration, engineering, deployment, or platform operations
- Experience designing or supporting enterprise endpoint detection and response capabilities in complex environments. The most competitive candidates will have commensurate experience with Trellix as well
- Hands-on experience securing or integrating security tooling in OCI environments. Experience in AWS is a desired/preferred qualification
- Strong knowledge of endpoint security, EDR/XDR concepts, detection tuning, incident response, and operational support models
- Experience with scripting or automation (e.g., PowerShell, Python, Bash) for deployment and administration
- Familiarity with DoD or federal cybersecurity frameworks and operational environments
- Minimum Secret clearance and ability to meet DoD 8140 privileged access requirements
- Must be able to manage a small team of technical professionals, as well as coordinate with other managers as peers in a matrixed organization
- Strong analytical and problem-solving skills; detail-oriented with a focus on operational excellence
- Skilled communicator, able to collaborate with IT, cybersecurity, and mission teams in written and verbal communications with a positive attitude and customer-first approach. The most competitive candidates will have experience briefing senior/executive leadership (both commercial and Federal) and at a technically deep level
- Proactive learner—stays current on CrowdStrike and endpoint security operations best practices
- Prior experience with Trellix (formerly McAfee Enterprise) endpoint security tools and migration or coexistence planning
- Experience leading pilots, proofs of value, or phased enterprise rollouts of security platforms, as well as experience with large-scale global endpoint environments
- Experience integrating CrowdStrike with SIEM/SOAR platforms
- Relevant certifications (including, but not limited to, Security+, CySA+, CASP+, CISSP, AWS Security Specialty, CrowdStrike, and OCI certifications)