Endpoint Security Lead - CrowdStrike

At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology (IT) team equips our colleagues with the latest tools to complete their work efficiently, with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks, while designing technology strategies that enable AIG’s businesses to achieve their goals. Innovation in IT drives innovation across the organization

The CrowdStrike Endpoint Security Lead will be part of AIG's Enterprise Information Security Organization, responsible for overseeing the deployment, configuration, administration, and ongoing optimization of the CrowdStrike Falcon platform across the enterprise. This role ensures the organization’s endpoints remain protected against advanced threats by leveraging CrowdStrike’s full suite of capabilities, including NGAV, EDR, Identity Protection, Exposure management, CrowdStrike Mobile, and threat hunting. The ideal candidate has hands-on expertise with endpoint security technologies, strong analytical skills, and proven experience leading enterprise-scale security initiatives.

The candidate must have extensive experience securing enterprise-level Cloud services, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) across multiple cloud providers, including AWS, and Microsoft Azure (Azure).

The individual in this position will lead as subject matter expert (SME) working in a team of Engineers and interacts closely with other IT groups like Security Architecture, Infrastructure Build and Operations teams, and GCDC SOC analysts for research and remediation of Security vulnerabilities, controls, and settings. The CrowdStrike Endpoint Security Lead is primarily responsible for but not limited to the following functions:

• Platform Ownership & Administration

• • Serve as the primary administrator and SME for the CrowdStrike Falcon platform.

  • Manage endpoint agent deployment, policy configurations, sensor health, and reporting.

  • Work with stakeholders to Test, maintain, and enforce security prevention policies and procedures of CrowdStrike Falcon Platform.

  • Lead endpoint protection posture improvements, including policy tuning and prevention rule updates.

  • Ensure sensor coverage and compliance across workstations, servers, and cloud workloads.

• Threat Detection & Response

• • Monitor and triage CrowdStrike alerts, detections, and dashboards.

  • Work with SOC and Incident Response teams to investigate and remediate endpoint threats.

  • Leverage Falcon Insight and Real Time Response to contain, isolate, and eradicate threats.

  • Perform post-incident analysis and implement preventative measures.

• Identity Protection

• • Manage CrowdStrike Identity Protection/ITDR modules and integrations.

  • Support MFA, conditional access, and endpoint identity controls.

• Integration & Engineering

• • Integrate CrowdStrike with SIEM, SOAR, vulnerability management tools, and other security platforms.

  • Lead CrowdStrike version upgrades, module rollouts, and configuration changes.

  • Develop automation and workflows using APIs, scripts, and reporting tools.

• Governance, Reporting & Compliance

• • Produce executive-level and operational security reports – including monthly true-up process indicating CrowdStrike coverage globally.

  • Ensure endpoint security posture aligns with frameworks (NIST, CIS, ISO, etc.).

  • Support internal/external audits and regulatory compliance requirements.

• Team Leadership & Collaboration

• • Provide technical directions to junior security analysts and engineers.

  • Work closely with IT, Infrastructure, and Desktop teams on deployment strategy.

  • Liaise with CrowdStrike support, TAMs, and product teams when necessary.

• Bachelor’s degree in computer science or other technical disciplines or equivalent relevant experience.

• 10+ years in an IT Security Engineering or Operations role with a focus on Endpoint Security Management tools. 

• Expert level knowledge in CrowdStrike Falcon Platform.

• • CrowdStrike DLP

  • Next Generation SEIM

  • Exposure management

  • Fusion SOAR

  • Investigate

  • LogScale

  • Host setup and management

  • API Configuration

  • Identity Protection

• Intermediate level knowledge is highly desired for below platforms:

• • Tanium

  • Microsoft Defender DLP for Endpoint

  • Lookout for Mobile

  • Azure WVD / Citrix

  • Ansible

• Knowledge of cyber security practices, challenges, tools and techniques

• Recent and relevant experience in vulnerability analysis and exploitation techniques.

• Troubleshoot issues within the product when necessary, assisting different teams, crash dumps, performance monitor and release blockers.

• In depth knowledge of Critical Security Controls like NIST, CIS Benchmarks, DISA STIG standards etc.

• Familiarity with International Security standards and Industry framework like ISO 27001/27002, PCI DSS and SOX.

• In depth knowledge and expertise with Infrastructure hardening and Security settings for Windows and Linux.

• Intermediate to Expert level knowledge on Windows & Active Directory, Unix/Linux Operating Systems.

• Good scripting knowledge using PowerShell, Python, Linux shell is desired.

• Basic knowledge of Cloud computing, Virtualization concepts and PaaS/SaaS services.

• Strong knowledge of TCP/IP and HTTP protocols.

• Be an energetic “self-starter” who is empowered to take ownership and be accountable for deliverables, both individually and as part of a growing team.

• Team player – able to lead, mentor, communicate, collaborate, and work effectively in a globally distributed team.

Preferred IT Certifications:

• CrowdStrike Certifications (CCFA, CCFR, CCES, CCRA).

• Experience with CrowdStrike Identity Protection, Falcon Discover, or Mobile.

• Background in large-scale enterprise deployments (50,000+ endpoints).

• Cloud security experience (Azure, AWS, GCP endpoint workloads).

• Experience with MDR or Falcon Complete programs.

• CISSP or other Security certification.

• Microsoft Azure or Linux Certifications.

• AWS Certifications.

For positions based in New Jersey, the base salary range is $126,000 -$171,000 and the position is eligible for a bonus in accordance with the terms of the applicable incentive plan. In addition, we’re proud to offer a range of competitive benefits, a summary of which can be viewed here: US Benefits Overview.

Ready to accelerate your career? We would love to hear from you!

Veterans are encouraged to apply!

#LI-NK1

#AIGcareers #technology #endpoint #security #crowdstrike #falcon #tanium

At AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.

Enjoy benefits that take care of what matters

At AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.

Reimagining insurance to make a bigger difference to the world

American International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world’s most far-reaching property casualty networks. It is an exciting time to join us — across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.

Welcome to a culture of inclusion

We’re committed to creating a culture that truly respects and celebrates each other’s talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIG’s greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.

AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.

AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities.  If you believe you need a reasonable accommodation, please send an email to [email protected].