
Senior CrowdStrike Falcon Security Engineer

About the Role

We're looking for a Senior Security Engineer with deep hands-on expertise in CrowdStrike Falcon to join a high-impact security team. You'll own the deployment, tuning, and operationalization of the Falcon platform across a complex enterprise environment, and serve as the internal subject matter expert for endpoint detection and response (EDR).

What You'll Do

- Architect, deploy, and manage CrowdStrike Falcon across enterprise endpoints (Windows, macOS, Linux)
- Develop and tune detection policies, prevention policies, and custom IOAs (Indicators of Attack) to reduce noise and improve fidelity
- Lead threat hunting initiatives using Falcon's Event Search and Investigate capabilities
- Integrate Falcon with SIEM platforms (e.g., Splunk, Sentinel) and SOAR tools for automated response workflows
- Respond to and investigate endpoint-based incidents, leading root cause analysis and remediation efforts
- Collaborate with SOC, IT, and infrastructure teams to ensure consistent sensor coverage and health
- Establish and maintain dashboards, reporting, and KPIs around endpoint security posture
- Evaluate and implement new Falcon modules (e.g., Spotlight, Identity Protection, Discover) as the business scales
- Mentor junior security engineers and contribute to internal documentation and runbooks

What You Bring

- 5–8 years of experience in cybersecurity, with at least 3 years hands-on with CrowdStrike Falcon
- Strong understanding of EDR concepts, threat detection methodology, and adversary tactics (MITRE ATT&CK)
- Experience writing custom detection logic (Falcon Fusion, RTR scripts, or custom IOAs)
- Proficiency with query languages such as Splunk SPL or KQL for log analysis
- Solid grasp of endpoint OS internals (Windows event logs, process trees, registry, and their macOS/Linux equivalents)
- Experience supporting incident response investigations from an EDR perspective
- Familiarity with cloud environments (AWS, Azure, or GCP) and securing cloud workloads via Falcon

Nice to Have

- CrowdStrike certifications (CCFA, CCFR, or CCFH)
- Experience with Falcon Data Replicator (FDR) or Humio/LogScale
- Scripting skills in Python or PowerShell for automation
- Prior experience in a SOC, MSSP, or consulting environment