CrowdStrike Engineer
USA

We are seeking a highly skilled CrowdStrike Engineer with at least 6 years of hands-on CrowdStrike experience to lead a small team in the design, deployment, and optimization of the CrowdStrike platform for a DoD organization. This role will stand up and mature an initial pilot focused on Oracle Cloud Infrastructure (OCI) and managed endpoints across a global enterprise, with a small AWS footprint as well. The expectation is to eventually scale the solution from pilot to full enterprise deployment. The engineer will serve as the senior technical lead for architecture, policy design, integration, automation, and operational readiness. Deep coordination with the existing Trellix environment/deployment is required.

Key Responsibilities

  • Lead technical design and implementation of the CrowdStrike platform for a pilot deployment across cloud and endpoint environments. Post-deployment, provide ongoing operations and maintenance (O&M) for the platform. 
  • Experience with full module deployment of CrowdStrike (Falcon Prevent, Insight, Insight XDR, Spotlight, Discover, Device Control, Cloud Security, Identity Protection, FileVantage [FIM], Data Protection, Falcon for IT, Exposure Management, Falcon for Mobile, Falcon Foundry, Falcon X Recon, Falcon Search Retention, Falcon Sandbox).
  • Architect scalable solutions for AWS, OCI, and globally distributed managed endpoints.
  • Define sensor deployment, prevention policies, detection logic, host grouping, identity/access controls, exclusions, and response workflows.
  • Integrate CrowdStrike with enterprise security tooling such as SIEM, SOAR, ITSM, vulnerability management, and asset inventory platforms.
  • Develop the technical roadmap to expand the pilot into a secure, supportable enterprise-wide capability, and track progress for reporting up to Senior Executive leaders (both corporate and government executives).
  • Create automation for deployment, monitoring, reporting, and operational workflows using scripting and infrastructure/platform tooling.
  • Support incident response, threat hunting, and detection engineering activities tied to CrowdStrike telemetry and alerts.
  • Provide technical oversight to administrators and junior staff (up to 4 technical staff); review configurations, troubleshoot escalated issues, and enforce configuration standards. Successful candidates in this role will mentor and train junior staff in technical and functional skills.
  • Produce engineering documentation, implementation plans, SOPs, runbooks, and transition artifacts for steady-state operations.
  • Articulate, verbally and in writing, the relative success or drawbacks of the pilot; provide a recommended technical path forward based on data results from the pilot; troubleshoot and resolve deployment issues in real time.
  • Work within Agile project teams, attending ceremonies (stand-ups, sprints, retrospectives) and using Jira for ticketing, backlog tracking, and documentation.
  • Ensure alignment with DoD cybersecurity requirements, enterprise governance, and operational constraints, especially Zero Trust requirements.
  • Other duties as assigned and operationally required.

Required Qualifications

  • 8+ years of experience in cybersecurity, endpoint security, systems security, or security engineering.
  • 6+ years of hands-on experience with CrowdStrike administration, engineering, deployment, or platform operations.
  • Experience designing or supporting enterprise endpoint detection and response capabilities in complex environments. The most competitive candidates will have commensurate experience with Trellix as well.
  • Hands-on experience securing or integrating security tooling in OCI environments. Experience in AWS is a desired/preferred qualification.
  • Strong knowledge of endpoint security, EDR/XDR concepts, detection tuning, incident response, and operational support models.
  • Experience with scripting or automation (e.g., PowerShell, Python, Bash) for deployment and administration.
  • Familiarity with DoD or federal cybersecurity frameworks and operational environments.
  • Minimum Secret clearance and ability to meet DoD 8140 privileged access requirements.
  • Must be able to manage a small team of technical professionals, as well as coordinate with other managers as peers in a matrixed organization.
  • Strong analytical and problem-solving skills; detail-oriented with a focus on operational excellence.
  • Skilled communicator, able to collaborate with IT, cybersecurity, and mission teams in written and verbal communications with a positive attitude and customer-first approach. The most competitive candidates will have experience briefing at the senior/executive leadership level (both commercial and Federal) and at a technically deep level.
  • Proactive learner—stays current on CrowdStrike and endpoint security operations best practices.

Preferred Qualifications

  • Prior experience with Trellix (formerly McAfee Enterprise) endpoint security tools and migration or coexistence planning.
  • Experience leading pilots, proofs of value, or phased enterprise rollouts of security platforms, as well as experience with large-scale global endpoint environments.
  • Experience integrating CrowdStrike with SIEM/SOAR platforms.
  • Relevant certifications (including, but not limited to, Security+, CySA+, CASP+, CISSP, AWS Security Specialty, CrowdStrike, and OCI certifications).

