What success looks like in this role:
Job Description Summary
We are seeking a highly skilled and proactive Senior Endpoint Detection & Response (EDR) Engineer to join our cybersecurity engineering team. This role is responsible for architecting, deploying, optimizing, and maintaining the Unisys Enterprise Detection and Response solution, CrowdStrike, to detect, prevent, investigate, and respond to advanced threats across the organization.
The candidate will serve as a subject matter expert (SME) for endpoint security technologies, leveraging threat intelligence, behavioral analytics, and detection engineering principles to enhance the organization’s overall security posture. This role will work closely with the Unisys Security Operation Center team and Detection and Response organization to drive continuous improvement of endpoint monitoring, threat detection capabilities, automation, and response workflows.
A critical aspect of the position includes developing advanced detection use cases, tuning prevention policies to reduce false positives, leading endpoint investigations, and building dashboards and KPIs to measure endpoint security effectiveness.
Key Responsibilities
Serve as primary technical owner and SME for CrowdStrike Falcon (or equivalent EDR platform).
Architect, deploy, configure, and maintain enterprise endpoint detection and prevention solutions.
Develop and tune detection logic using behavioral analytics, IOAs, IOCs, and threat intelligence feeds.
Lead containment, eradication, and recovery efforts during endpoint-related security incidents.
Create custom queries, detections, and response playbooks using EDR-native tools and integrations (e.g., SIEM, SOAR).
Develop dashboards, KPIs, and metrics to measure endpoint health, detection efficacy, and mean time to respond (MTTR).
Collaborate with SOC analysts to improve detection engineering and reduce alert fatigue.
Validate endpoint security posture during cloud migrations, system deployments, and major IT initiatives.
Provide documentation, runbooks, and training for SOC and IT teams.
Stay current with emerging threats, attack techniques (MITRE ATT&CK), and EDR innovations.
Support compliance initiatives and audits related to endpoint security controls.
Mentor junior security engineers and analysts.
You will be successful in this role if you have:
4-6 years of experience in cybersecurity, with at least 3 years focused on Endpoint Detection & Response.
Hands-on experience administering CrowdStrike Falcon (preferred) or equivalent EDR platforms (Microsoft Defender for Endpoint, SentinelOne, Carbon Black).
Strong understanding of endpoint attack techniques, malware behavior, ransomware trends, and lateral movement techniques.
Experience with threat hunting methodologies and detection engineering.
Knowledge of MITRE ATT&CK framework and adversary emulation techniques.
Proficiency in scripting (Python, PowerShell, Bash) for automation and response workflows.
Experience integrating EDR platforms with SIEM and SOAR solutions.
Strong analytical and problem-solving skills with the ability to investigate complex security incidents.
Experience building dashboards, reporting metrics, and defining KPIs.
Familiarity with cloud-native endpoint security in AWS, Azure, or GCP environments.
Understanding of zero trust architecture principles.
Strong communication skills with the ability to present findings to technical and non-technical stakeholders.
Relevant certifications preferred (e.g., CISSP, GCED, GCIA, GCFA, CrowdStrike certifications).
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.
Local employment practices and rights may vary by jurisdiction and are subject to applicable local laws. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers.
If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at [email protected]. US job seekers can find more information about Unisys’ EEO commitment here.
What We Do
Unisys is a global information technology company that builds high-performance, security-centric solutions for the most demanding businesses and governments on Earth. Unisys offerings include security software and services; digital transformation and workplace services; industry applications and services; and innovative software operating environments for high-intensity enterprise computing. We build better outcomes securely for our clients across the Government, Financial Services and Commercial








