CrowdStrike & MS Defender SME

Crowdstrike & MS Defender SME

Start: ASAP
Duration: 6-12 months
Location: London 2-3 days per week
Rate: DoE, INSIDE IR35

We are seeking an experienced Endpoint Security SME with deep expertise in CrowdStrike Falcon and Microsoft Defender (including Defender for Identity) to join our cybersecurity team on a contract basis. This role focuses on managing and optimizing EDR solutions across Server and EUC (End User Computing) environments to enhance endpoint security and threat response.

Key Responsibilities:
- Deploy, configure, and manage CrowdStrike Falcon and MS Defender EDR solutions (including Defender for Identity).
- Investigate and triage security incidents; respond to advanced threats using EDR tools.
- Monitor alerts and analyze endpoint telemetry across cloud and on-prem environments.
- Collaborate with SOC and IT teams on threat resolution and continuous improvement.
- Develop and enforce endpoint security policies, threat hunting strategies, and remediation plans.
- Maintain strong cloud security posture (AWS) and ensure compliance using CSPM tools.
- Use KQL Scripting to assess Defender/CrowdStrike compliance across endpoints.
- Lead small-to-medium technical teams on support, life cycle initiatives, and security projects.
- Provide 24x7 on-call support for high-priority (P1/P2) security incidents.

Required Skills & Experience:
- Proven hands-on experience with CrowdStrike Falcon and MS Defender, including Defender for Identity.
- Strong background in malware analysis, threat intelligence, and incident response.
- Familiar with threat hunting, cyber kill chain, and SIEM tools.
- Experience with CSPM tools (Prisma Cloud, AWS Security Hub, Azure Security Center, etc.).
- Sound understanding of cloud security frameworks (CIS, NIST, ISO) and AWS security features.
- Strong Scripting skills in Python, Java, or C++ for automation and tooling.
- Skilled in working across Windows, Linux, and Unix systems.
- Excellent communication, reporting, and documentation skills.