Related skills
bash, python, google workspace, siem, dlp
Description
- Own day-to-day CrowdStrike Falcon administration, tuning, and RT Response across all endpoints.
- Operate and mature ThreatLocker for allowlisting, ringfencing, and storage control.
- Administer Island Enterprise Browser; enforce SaaS access, copy/paste, and downloads policies.
- Drive endpoint hardening and baselines (MDM, patch SLAs, FileVault/BitLocker, CIS).
- Maintain a defensible inventory of endpoints and remediation gaps.
- Own corporate incident response for endpoint, identity, email, and insider events.
Requirements
- 3–5 years of experience in corporate security, endpoint security, or insider risk.
- Hands-on EDR experience (prefer CrowdStrike Falcon) with tuning, IOAs/IOCs, and RT Response.
- Experience with application control/zero-trust tooling (ThreatLocker, Airlock, AppLocker).
- Familiar with enterprise browsers (Island, Talon, Chrome) and data/SaaS access controls.
- Strong Google Workspace security background: admin controls, context-aware access, OAuth, DLP.
- Investigate incidents end-to-end (phishing, malware, DLP, insider risk) with documentation.
- Fundamentals in IAM, endpoint hardening, MDM, logging, and SIEM-based detection.
- Scripting in Python/Bash; experience with security orchestration platforms (Tines, Torq, XSOAR) a plus.
Benefits
- Medical, dental, and vision insurance.
- Stock options.
- Monthly home-office stipend.
- 401k (TransAmerica).
- 12 weeks paid parental leave.
- 11 paid company holidays.