What success looks like in this role:
Job Description Summary
We are seeking a highly skilled and proactive Senior Endpoint Detection & Response (EDR) Engineer to join our cybersecurity engineering team. This role is responsible for architecting, deploying, optimizing and maintaining the enterprise Unisys Endpoint Detection and Response solution, CrowdStrike, to detect, prevent, investigate and respond to advanced threats across the organization.
The candidate will serve as a subject matter expert (SME) for endpoint security technologies, leveraging threat intelligence, behavioral analytics and detection engineering principles to enhance the organization's overall security posture. This role will work closely with the Unisys Security Operations Center team and the Detection and Response organization to drive continuous improvement of endpoint monitoring, threat detection capabilities, automation and response workflows.
A critical aspect of the position includes developing advanced detection use cases, tuning prevention policies to reduce false positives, leading endpoint investigations, and building dashboards and KPIs to measure endpoint security effectiveness.
Key Responsibilities
Serve as primary technical owner and SME for CrowdStrike Falcon (or equivalent EDR platform).
Architect, deploy, configure and maintain enterprise endpoint detection and prevention solutions.
Develop and tune detection logic using behavioral analytics, indicators of attack (IOAs), indicators of compromise (IOCs) and threat intelligence feeds.
Lead containment, eradication and recovery efforts during endpoint-related security incidents.
Create custom queries, detections and response playbooks using EDR-native tools and integrations (e.g. SIEM, SOAR).
Develop dashboards, KPIs and metrics to measure endpoint health, detection efficacy and mean time to respond (MTTR).
Collaborate with SOC analysts to improve detection engineering and reduce alert fatigue.
Validate endpoint security posture during cloud migrations, system deployments and major IT initiatives.
Provide documentation, runbooks and training for SOC and IT teams.
Stay current with emerging threats, attack techniques (MITRE ATT&CK) and EDR innovations.
Support compliance initiatives and audits related to endpoint security controls.
Mentor junior security engineers and analysts.
You will be successful in this role if you have:
4-6 years of experience in cybersecurity with at least 3 years focused on Endpoint Detection & Response.
Hands-on experience administering CrowdStrike Falcon (preferred) or equivalent EDR platforms (Microsoft Defender for Endpoint, SentinelOne, Carbon Black).
Strong understanding of endpoint attack techniques, malware behavior, ransomware trends and lateral movement techniques.
Experience with threat hunting methodologies and detection engineering.
Knowledge of MITRE ATT&CK framework and adversary emulation techniques.
Proficiency in scripting (Python, PowerShell, Bash) for automation and response workflows.
Experience integrating EDR platforms with SIEM and SOAR solutions.
Strong analytical and problem-solving skills with the ability to investigate complex security incidents.
Experience building dashboards, reporting metrics and defining KPIs.
Familiarity with cloud-native endpoint security in AWS, Azure or GCP environments.
Understanding of zero trust architecture principles.
Strong communication skills with the ability to present findings to technical and non-technical stakeholders.
Relevant certifications preferred (e.g. CISSP, GCED, GCIA, GCFA, CrowdStrike certifications).
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.
Local employment practices and rights may vary by jurisdiction and are subject to applicable local laws. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers.
If you are a US job seeker unable to review the job opportunities herein or cannot otherwise complete your expression of interest without additional assistance and would like to discuss a request for reasonable accommodation please contact our Global Recruiting organization at . US job seekers can find more information about Unisys EEO commitment here.
Required Experience:
Senior IC
Unisys is a global information technology company that specializes in providing industry-focused solutions integrated with leading-edge security to clients in the government, financial services and commercial markets. Unisys offerings include security solutions, advanced data analytic ...