Cyber Security Operations Engineer III- Endpoint Detection/Response

As the Cybersecurity Operations and Incident Response Engineer will be a subject matter expert on EDR (CrowdStrike), you will be a pivotal member of our global cybersecurity operations and incident response team. Your role will involve providing strategic oversight and leadership in the detection, alerting, and investigation of EDR incidents. You will leverage your extensive experience to protect sensitive healthcare data and ensure compliance with healthcare regulations.

PRIMARY DUTIES AND RESPONSIBILITIES:

· Lead the review and management of EDR alerts.

· Responsible for responding, detecting and maintaining CrowdStrike Endpoint Detection and Response (EDR) SEIM policies

· Collaborate with security teams to enhance threat detection and response capabilities.

· Conduct regular system monitoring, tuning, and optimization to ensure optimal performance.

· Develop and maintain documentation related to CrowdStrike EDR configurations and processes and runbooks.

· Oversee and guide EDR events investigations and provide escalation management.

· Identify DLP ruleset tuning opportunities and implement recommendations.

· Develop and refine technology infrastructure and operational processes for effective incident response.

· Create and maintain operational runbooks and response procedures.

· Conduct root cause analysis, identifying indicators of attack or compromise, and attack vectors.

· Deliver comprehensive verbal and written reports to senior management, including insights and recommendations for improving EDR protection and response.

· Stay updated with the latest trends and technologies in cybersecurity.

· Collaborate with other cybersecurity teams to integrate EDR (Crowdstrike) strategies with broader security initiatives and healthcare-specific requirements.

· Mentor and develop junior cybersecurity engineers, fostering a culture of continuous learning and improvement.

· Participate in on-call rotation (including weekends) to ensure continuous operations.

· Lead internal incident response exercises and drills.

EXPERIENCE, SKILLS, AND EDUCATIONAL REQUIREMENTS:

· 5 +experience in areas of EDR, Incident Response, and/or data protection, preferably in a healthcare environment.

· Proficiency in configuring and managing endpoint security solutions.

· Experience in incident response, threat hunting, and malware analysis.

· Relevant certifications such as CrowdStrike Certified Engineer (CCE) or equivalent are a plus.

· Ability to work in a fast-paced environment and handle multiple tasks simultaneously.

· Experience with Unix/Linux/Windows Operating Systems.

· Excellent written and verbal communication skills, with experience presenting technical information to both technical and non-technical audiences, including senior management.

· Bachelor’s or Master’s Degree in Cybersecurity, Risk Analysis, Computer Science, Information Systems, or a related field, or equivalent work experience.

Nice to have:

· Working knowledge of Shell/Bash/Python.

· Firsthand experience with SIEM, IDS/IPS, EDR and other security technologies.

· CrowdStrike Certified Engineer (CCE)

· Relevant certifications (e.g., CISSP, CISM, CEH, GIAC) are a plus

Salary up to 6000 EUR gross