Job Description

Must Have Technical/Functional Skills
• 5+ years in detection engineering, threat hunting, or security operations.
• Deep expertise with CrowdStrike Falcon Endpoint, Next-Gen SIEM, CS IDP, FUSION, and SOAR platforms.
• Strong experience with cloud security (AWS, Azure).
• Proficiency in CrowdStrike Query Language (FQL/CQL) and scripting (Python, PowerShell).
• Proven ability to troubleshoot CrowdStrike sensor issues, agent health, and platform integration.
• Familiarity with MITRE ATT&CK, NIST 800-53, and modern detection frameworks.
• Expertise in Cribl and/or Cribl-like data optimization tools
• CrowdStrike certifications (e.g., CCFA, CCFH)
• Experience with threat intelligence platforms and adversary emulation.
• Familiarity with CI/CD pipelines, detection-as-code, and infrastructure-as-code practices Roles & Responsibilities
• Detection Engineering & Threat Monitoring
• Develop and maintain high-fidelity detection rules using CrowdStrike Falcon, Next-Gen SIEM, and FUSION.
• Leverage CS IDP to detect identity-based threats and lateral movement.
• Write and optimize queries using CrowdStrike Query Language (FQL/CQL) for threat hunting and detection
• validation.
• Build and tune detections for cloud environments (AWS, Azure, GCP) and integrate with cloud-native logging tools.
• Strong Experience in data engine tools like Cribl for SIEM integration, data processing, normalization, and enrichment to enhance SIEM capabilities.
• CrowdStrike Ecosystem Ownership
• Function as the primary SME for CrowdStrike, including Falcon, IDP, FUSION, and related modules.
• Troubleshoot and resolve sensor deployment issues, agent health problems, and telemetry gaps.
• Serve as the escalation point for CrowdStrike-related errors, automation failures, and detection tuning.
• Collaborate with CrowdStrike support and engineering teams to resolve complex issues and optimize platform performance.
• SOAR Automation & Incident Response
• Design and implement automated response playbooks using SOAR platforms to reduce dwell time and automate/streamline triage.
• Integrate detection outputs with incident response and/or other compliance frameworks as required.
• Threat Modeling & Use Case Development&nbs p;
• Conduct threat modeling for enterprise systems, cloud platforms, and business-critical applications.
• Translate MITRE ATT&CK techniques into actionable detection logic and use cases.
• Collaboration & Mentorship
• Work closely with infrastructure, compliance, and security operations teams to ensure secure operations.
• Mentor junior engineers and analysts on detection engineering, query development, and CrowdStrike best practices
• Knowledge of cybersecurity frameworks and best practices. Generic Managerial Skills, If any
• Team management skills
• Strong analytical and problem-solving skills.
• Excellent communication with both technical and non-technical stakeholders.
• Ability to work independently in a fast-paced environment.

Salary Range: $90,000 - $100,000 a Year

TCS Employee Benefits Summary: Discretionary Annual Incentive. Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. Family Support: Maternal & Parental Leaves. Insurance Options: Auto & Home Insurance, Identity Theft Protection. Convenience & Professional Growth: Commuter Benefits & Certification & Training Reimbursement. Time Off: Vacation, Time Off, Sick Leave & Holidays. Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing.

#LI-SP1

Job Tags

Similar Jobs