
CrowdStrike & MS Defender SME

Posted 1 hour 54 minutes ago by LA International Computer Consultants Ltd

Contract
Not Specified
Public Sector Jobs
London, United Kingdom
Job Description

CrowdStrike & MS Defender SME
6 Month contract initially
Based: Hybrid/London - Max 2-3 days p/w onsite
Rate: £Market rates p/d (via Umbrella company)

We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a CrowdStrike & MS Defender SME to join the team.
We are seeking a skilled Endpoint Security SME experienced in CrowdStrike and MS Defender (including MS Defender for Identity), managing both Server and End User Computing environments to join our cybersecurity team. The role involves managing and optimizing CrowdStrike and Defender's Endpoint Detection and Response (EDR) solutions to enhance endpoint security, threat detection, and incident response. You will be responsible for deployment, configuration, and ongoing management of both CrowdStrike Falcon platform and MS Defender while collaborating with IT and security teams to ensure continuous endpoint protection. A successful candidate will proactively monitor the evolving threat landscape, tools, and methodologies to maintain a strong defence.

Key Responsibilities:
* Deploy, configure, and maintain CrowdStrike Falcon and MS Defender EDR (including MS Defender for Identity) solutions across endpoints in the organization including cloud deployments.
* Monitor and analyse alerts from CrowdStrike and MS Defender EDR systems, identify potential threats, and perform initial triage and response.
* Investigate security incidents using CrowdStrike Falcon and MS Defender to detect and respond to malware, exploits, and other advanced threats.
* Collaborate with SOC (Security Operations Center) and other security teams to resolve incidents.
* Proactively identify vulnerabilities and security gaps in endpoint configurations and recommend remediation.
* Develop security policies and strategies for endpoint protection and threat hunting within the organization.
* Create reports to provide actionable insights to senior management regarding threat trends and security incidents.
* Stay updated on the latest cybersecurity trends, endpoint attack vectors, and CrowdStrike feature updates.
* Oversee and enhance the security posture of our cloud environments (AWS).
* Knowledge of CrowdStrike CSPM tools and of compliance with cloud security standards and best practices.
* Collaborate with cloud engineers, security teams, and DevOps to continuously monitor and improve the security of customers' cloud infrastructure.
* Report CrowdStrike and Defender coverage against the total endpoint estate in the customer environment and continually work to improve it, using KQL scripts.
* Support the investigation of Critical and Major incidents (P1 & P2) as part of a 24x7 on-call rota.
* To lead small-to-medium sized technical teams for BAU support as well as specific initiatives (projects, life cycle work, PoCs) and to provide the expert guidance required to drive technical developments in these initiatives.

Key Skills & Experience:
* Strong and Proven experience in CrowdStrike Falcon and MS Defender (including MS Defender for Identity) EDR platform.
* Strong knowledge of malware analysis, threat intelligence, and incident response.
* Familiarity with threat hunting methodologies and cyber kill chain.
* Experience working with Security Information and Event Management (SIEM) solutions.
* Strong analytical skills with the ability to assess complex security data.
* Hands-on experience with CSPM tools such as Prisma Cloud, AWS Security Hub, Azure Security Center, or Dome9.
* Strong knowledge of cloud security frameworks and best practices (e.g., CIS Benchmarks, NIST, NISD, ISO).
* Experience with cloud service providers (AWS) and their security features.
* Awareness of various operating system flavours including but not limited to Windows, Linux, Unix.
* Strong coding skills in programming languages such as Python, Java, or C++ for scripting and automation tasks.
* Strong verbal and written communication, good interpersonal skills, and exceptional customer engagement skills are crucial to success in this role.
* Proficiency in preparation of reports, dashboards, and documentation.

Desirable skills/knowledge/experience:
* Certification/s in CrowdStrike, MS Defender.
* Proven use of modern security tooling in real-world projects.
* Experience in agile delivery teams and cross-functional collaboration.
* Nice to Have Certifications (not mandatory): OSCP, OSWA, CRTO, GWAPT, GPEN, eWPT.
* Azure Security Engineer Associate/AWS Security Specialty.

This is an excellent opportunity on a great project of work. If you are looking for your next exciting opportunity, apply now so that your CV reaches me directly; we will respond as soon as possible.

LA International is an HMG-approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK, as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security-cleared jobs or non-clearance vacancies. LA International welcomes applications from all sections of the community and from people with diverse experience and backgrounds.

Award-winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queen's Award for Enterprise: International Trade, for the second consecutive period.
