Threat Management Engineer

Avint LLC is seeking a Cybersecurity Professional to serve as a Threat Management Engineer within our Technical Innovation Group. In this role, you will test, implement, deploy, maintain, review, and administer cybersecurity solutions to effectively manage the computer network defenses for our valued clients. You will monitor network events, within the client's environment, to actively remediate unauthorized activities. You will support various cybersecurity technologies to include but not limited to McAfee ePO, Endpoint Security, and Solidcore, ForeScout, Azure Security, CrowdStrike, Tenable.io, and Splunk.

Position Responsibilities:

• Performing activities related to the deployment, configuration, and maintenance of CrowdStrike Endpoint Detection & Response (EDR) and Anti-Virus (A/V) technologies in the client's environment.
• Troubleshooting and resolving implementation issues as they arise including interfacing with CrowdStrike technical support teams.
• Finding solutions to technical issues encountered throughout the deployment.
• Designing and documenting CrowdStrike policies and engineering procedures.
• Ensuring CrowdStrike policies are configured and customized to the client's environment and needs.
• Tuning CrowdStrike as needed for the client's environment to include identifying false positives and implementing exclusions.
• Responding to policy requests and incidents for the Crowdstrike Client.
• Coordinating with multiple groups for policy approvals, change management, and problem management.
• Using diagnostic and troubleshooting skills to diagnose and solve for application incompatibilities and system resources.
• Analyzing data to identify threat patterns.
• Applying knowledge of forensics, chain of custody, and handling of digital evidence.

Requirements

Ability to pass USG Background Investigation (BI); Secret Preferred

Qualifications:

• Extensive Crowdstrike Application and Console Experience.
• BA/BS in Information Security or related IT field.
• 5+ years using IDS, IDP, or SIEM and SOAR tools.
• 3+ years conducting Incident Response and Threat Management.
• 2+ years of experience with McAfee ePO, McAfee Agent deployment, McAfee Solidcore deployment, and McAfee Endpoint Security.
• Experience with running and assessing McAfee ePO/Malware Scans, implementing ePO upgrades, and with Solidcore Rules/Inventory Trust.
• Experience leading threat management activities is strongly preferred.
• Required: Relevant Cyber Security Certification (e.g. CISSP, CISM, CISA, Sec+)
• US Citizenship Required.
• Ability to pass a USG Background Investigation. Secret Clearance Preferred.
• Demonstrate strong communication skills (oral and written) and the ability to work with both teammates and senior leadership; leads working sessions to solicit ideas and develop solutions.
• Proactively lead teams in the execution of complex tasks with minimal direction and produces high quality results.
• Serve as a Career Manager responsible for performance management and professional development.
• Proficiency in Microsoft Office Suite of tools (Excel, Word, Teams, Outlook)

Benefits

Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, a unique 401K plan, and generous PTO and Federal Holidays.

Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!

Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.