Senior CrowdStrike Engineer (Endpoint Security)

Your opportunity

The Senior CrowdStrike Engineer is an individual contributor supporting endpoint security technologies, threat monitoring, and management in Schwab Cybersecurity Services. This role leads the security and infrastructure teams on the design, engineering, and implementation of technology solutions and methodologies to ensure secure endpoints. This role requires advanced level knowledge of the risk and endpoint security landscape to be able to better implement and maintain impactful security solutions.

What you're good at

Leading the engineering efforts and implemention of endpoint security capabilities in CrowdStrike including EDR, NG-SIEM, DLP, IDP, and Zero Trust. Leading the implementation and adoption of CrowdStrike modules while ensuring all regulatory and compliance standards are met. Collaborating with product and project teams to understand needs and enablement with security products. Strong analysis and decision-making skills with the ability to identify opportunities to mature endpoint security offerings, participate in technical cross-functional sessions, and ensure adherence to change and configuration management principles. Assessing issues and developing resolutions to meet productivity, quality goals, and objectives.

What you have

A proven track record of experience in implementing enterprise security solutions including design, configuration, installation, customization, automation, and optimization of tools.

5+ years of experience configuring and maturing endpoint security programs, with at least 3 years of hands-on expertise in CrowdStrike Falcon (including EDR, Identity Protection, Data Protection, Exposure Management, SaaS Security, NG-SIEM, Fusion, CWP, or FIM).

Proven track record of deploying, configuring, and tuning CrowdStrike agents across enterprise environments (Windows, macOS, Linux).

Strong understanding of endpoint detection and response (EDR), threat hunting, IOC / IOA development, and real-time response (RTR).

Experience writing and updating queries using CrowdStrike Query Language, or similar SIEM query language such as Splunk.

Experience integrating CrowdStrike with SIEM / SOAR platforms.

Experience integrating multiple security tools to provide enhanced visibility and monitoring capabilities.

Experience developing advanced workflows leveraging the CrowdStrike platform.

Ability to leverage CrowdStrike telemetry to support incident response investigations.

Comfortable collaborating with SOC, threat intel, and infrastructure teams to refine detection logic and reduce false positives.

Knowledge of MITRE ATT&CK, malware behaviors, and threat actor TTPs as they relate to endpoint security.

Advanced experience with scripting (PowerShell, CQL, Python, Bash) for automation and custom response actions.

Develop and report enterprise level metrics for endpoint security controls.

Architect solutions (initial state, transition, final state architectures).

Provide compliance and audit evidence for monitored systems.

Document, publish, and maintain a knowledge base of information pertaining to the functionality, processes, and procedures related to the supported tools.

One or more endpoint security related technologies

CrowdStrike

SIEM / SOAR

DLP

FIM

Red Team

Penetration testing

Incident management and response

Qualifications

More than 7 years of progressive experience in cybersecurity engineering

CrowdStrike certifications (e.g., CCFR, CCFP) are highly desirable

Advanced experience administering and managing CrowdStrike environments, including Data Protection, Identity Protection, FIM, Next-Gen SIEM, Cloud Security, and Fusion Workflows

Ability to identify security risks and weaknesses and provide security mitigation and remediation recommendations

Demonstrated experience and expertise with multiple security controls within multiple security domains

Bachelor's Degree in Computer Science, Engineering, or related field required

CISSP, CISM, or other relevant information security industry recognized certification preferred

In addition to the salary range, this role is also eligible for bonus or incentive opportunities.

What's in it for you

At Schwab, you're empowered to shape your future. We champion your growth through meaningful work, continuous learning, and a culture of trust and collaboration-so you can build the skills to make a lasting impact. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.

We offer a competitive benefits package that takes care of the whole you - both today and in the future :

401(k) with company match and Employee stock purchase plan

Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions

Paid parental leave and family building benefits

Tuition reimbursement

Health, dental, and vision insurance

What's in it for you :

At Schwab, we're committed to empowering our employees' personal and professional success. Our purpose-driven, supportive culture, and focus on your development means you'll get the tools you need to make a positive difference in the finance industry. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.

We offer a competitive benefits package that takes care of the whole you - both today and in the future :

401(k) with company match and Employee stock purchase plan

Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions

Paid parental leave and family building benefits

Tuition reimbursement

Health, dental, and vision insurance

Schwab is an affirmative action employer, focused on employing and advancing in employment, qualified women, racial and ethnic minorities, protected veterans, and individuals with disabilities in the workplace. If you have a disability and require reasonable accommodations in the application process, contact Human Resources at applicantaccessibility@schwab.com or call 800-275-1281.