TS​/SCI Endpoint Security Engineer | EDR & Threat Defense

Endpoint Security Engineer (Annapolis Junction, MD)

Active TS/SCI w/Polygraph REQUIRED Please do not apply if you do not currently possess this level of clearance.

Telework:
None

Basic Requirements:

• Bachelor’s degree in a technical field.
• 8 years of applicable professional experience.

Job Description:

• Deploy, configure, test, manage, and optimize endpoint detection and response solutions across the NSA enterprise.
• Establish comprehensive Standard Operating Procedures (SOPs) for EDR functionalities and lead training sessions to empower SOC analysts in maximizing platform efficiency and threat visibility.

Responsibilities:

• Responsible for the deployment, testing, management, and optimization of endpoint detection and response solutions.
• Deploy, configure, test, and monitor EDR capabilities in on-premises and cloud environments.
• Support SOC analysts and provide training, SOP documentation, and incident response coordination.

Required Experience:

• EDR Platforms:
  Proficient in one or more EDR platforms (Trellix HX/EDRF or Microsoft Defender for Endpoint EDR, preferably both).
• Cloud Applications:
  Experience with cloud security and familiarity with cloud service providers (AWS or Azure, preferably both).
• Cloud Security:
  Experience securing cloud-hosted workloads using EDR solutions and knowledge of cloud-native security controls and logging (Microsoft Sentinel, Microsoft Defender, Microsoft Purview, AWS Cloud Watch, AWS Cloud Trail, AWS Guard Duty, or AWS Security Hub). CCSP Certified Cloud Security Professional certification or equivalent.
• SOC Support:
  Experience supporting SOC functions such as monitoring, training analysts, documenting SOPs, incident response coordination, analysis of security events, and process improvement. Microsoft Certified:
  Security Operations Analyst Associate (SOAA) or equivalent.
• Network Security:
  Understanding of network protocols, traffic analysis, and intrusion detection systems (CompTIA Security+ is required).
• Windows Forensics:
  In-depth knowledge of Windows OS internals, registry, and file system. Familiarity with forensic tools like EnCase, FTK, or open-source alternatives. SANS Windows Forensic Analysis (FOR
  500) or equivalent.

Desired

Experience:

• Threat Hunting:
  Proactive identification and investigation of potential security threats and anomalies.
• Incident Response:
  Experience in managing and responding to security incidents, including containment, eradication, and recovery.
• SIEM:
  Familiarity with SIEM systems for log analysis and correlation (e.g., Splunk, Elastic, Microsoft Sentinel).
• Scripting and Automation:
  Proficient in scripting languages (e.g., Power Shell, Python) for automating tasks and workflows.
• Certifications:
  
  Certified Information Systems Security Professional (CISSP), Microsoft 365 Certified:
  Endpoint Administrator Associate (MD-102).

Salary: $225,000 - $235,000 annually

Benefits:
Excellent benefits package including 25 days PTO, 11 paid holidays, 100% employer‑paid healthcare for employees and dependents – available day 1, 8% 401(k) employer match – immediate vesting.

Shield Consulting Solutions is an equal‑opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

This is a full‑time position.

Visit Careers at Shield Consulting Solutions.