Endpoint Detection and Response Engineer, Mid

Booz Allen

Jul 13

Key Role:

Consult on and lead vulnerability identification, new threat exposures, and emerging security technologies. Work with in-house teams to identify the right mix of tools, techniques, and procedures to translate your customer’s needs and future goals into a plan that will enable secure and effective solutions. Take a critical approach to solution design, identifying gaps, providing alternatives, and customizing solutions to maintain a balance of security and business needs. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Basic Qualifications:

  • 3+ years of experience with IT in a professional work environment

  • 1+ years of experience with deployment, configuration, or maintenance to support Enterprise EDR Solutions, including Carbon Black EDR, CrowdStrike Falcon, FireEye HX, Microsoft Defender ATP, or Elastic Endpoint Protection

  • 1+ years of experience with performing systems administration, including basic troubleshooting and installation, monitoring system performance or availability, and performing security upgrades

  • Knowledge of network security architecture concepts, including topology, protocols, components, and principles

  • Knowledge of various Enterprise Operating System (OS) configurations and management tools for use during deployment, configuration, and management of EDR solutions

  • Ability to obtain a security clearance

  • HS diploma or GED

Additional Qualifications:

  • Experience working in a Security Operations Center (SOC) environment, including Incident Response, Vulnerability Scanning, Threat Hunting, Network Monitoring/Log Management, or Compliance Management

  • Experience with complementary Enterprise Security Tools, including Security Information & Event Management (SIEM), Threat Intelligence Platforms (TIPs), or Network Monitoring Tools

  • Experience with triaging security events in a security operations center (SOC) environment, leveraging data collected from enterprise security solutions

  • Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions

  • Ability to integrate cybersecurity data using enterprise or custom data aggregation and analysis tools, including Splunk

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.