Diamond Technology is a Technical Services company. We have a business client who is a large local public organization with an opening for the following position:
JOB TITLE: Crowdstrike Engineer (Temp Contract)
DESIRED START DATE: Feb 2025
LOCATION: San Francisco Airport. Hybrid (Offsite & On-site)
DURATION: 1 to 3 years. 40 hours a week.
HOURLY RATE: $50 to $100
DUTIES CrowdStrike – The CrowdStrike candidate should have at least 3 years of experience supporting large enterprise, customers maximize the efficiency of the Crowdstrike platform.
This subject matter expert is expected to have and maintain all relevant Crowdstrike certifications.
Candidate is expected to provide dedicated assistance with the deployment, configuration and integration of CrowdStrike Falcon Platform including, but not limited to :
Assist with and make changes to the CrowdStrike platform to better protect networks and endpoints.
Optimizes the Falcon Platform according to CrowdStrike and industry best practices.
Enhance change management and incident response procedures to align with capabilities and workflows provided by CrowdStrike “Falcon Complete.”
Advise IT Operations how to best leverage CrowdStrike platform to minimize cybersecurity risks associated with unresolved patching and remediation tasks and assist in the implementation of same.
DELIVERABLES
Resident Engineer will be tasked with protecting resources on networks by implementing conditional multi-factor authentication rules so that stolen (or easily guessed) authentication credential cannot, by themselves, be used to access to RDP and other services running on Microsoft Window and Microsoft Windows Server.
Implement host-based firewall rules to further limit accessibility of network-facing services on Microsoft Windows, Microsoft Windows Server, macOS and Linux to only those individuals and networks with a valid business justification to access said services (“remote access”)
The Resident Engineer must be able to explain how these enhancements might be implemented using a combination of CrowdStrike and Palo Alto Networks User-ID, Group-ID, GlobalProtect VPN, Azure VPN gateway, or some other remote access solution, as well as the strategic use of virtual routing and forwarding tables to ensure remote access cannot be achieved using stolen authentication credentials (e.g. Pass-the-Hash attacks).
Improve the quality and entropy of memorized authentication secrets used to authenticate network services where MFA cannot be implemented; establish a baseline of said authentication events, and devise controls to detect atypical authentication requests outside of said baseline.
Establish procedures to ensure authentication secrets used by services accounts which have been historically exempted from periodic password changes, are changed, baselined, and then subject to change every twenty-four months thereafter.
Leverage the Falcon Agent real-time-response capabilities to execute audit scripts that compare endpoint configuration against desired “hardening” settings.
Minimum Qualifications for Microsoft Resource
MQ1: Must provide information for at least three (3) similar projects in the past five (5) years: Client name and type of organization (government, private corporation, etc.), and Project start and end dates.
MQ2: Candidates and/or Resume Profile must have a minimum of five (5) years of experience in technology with CrowdStrike.
MQ3: Candidates and/or Resume Profile must have current Certifications in the technologies (i.e., CrowdStrike et al.) and their products the Client has implemented and be able to provide a copy of certifications.
MQ4: Possibility to arrange for a hybrid schedule for this resource(s); however, final candidates must be able to work on site when necessary.
MQ5: Candidate must be a citizen of the United States, Canada, United Kingdom, Australia, or New Zealand with ability to work in the United States. Each resident engineer must also pass a TSA threat-assessment before they begin work.
Flexible work from home options available.