System Administrator

Position Summary We are seeking a CrowdStrike Administrator with at least 4 years of hands-on CrowdStrike experience to join a small team in the design, deployment, and optimization of the CrowdStrike platform for a DoD organization. This role will help stand up and mature an initial pilot focused on Oracle Cloud Infrastructure (OCI), and managed endpoints across a global enterprise, with a small AWS footprint as well. The expectation is to eventually scale the solution from pilot to full enterprise deployment. The administrator will serve as a technical contributor to architecture, policy design, integration, automation, and operational readiness. This position is ideal for a hands-on practitioner who can execute reliably in a structured, mission-focused environment. Key Responsibilities Contribute to technical design and implementation of the CrowdStrike platform for a pilot deployment across cloud and endpoint environments. Post-deployment, provide ongoing operations and maintenance (O&M) for the platform. Experience with full module deployment of CrowdStrike (Falcon Prevent, Insight, Insight XDR, Spotlight, Discover, Device Control, Cloud Security, Identity Protection, FileVantage [FIM], Data Protection, Falcon for IT, Exposure Management, Falcon for Mobile, Falcon Foundry, Falcon X Recon, Falcon Search Retention, Falcon Sandbox). Administer CrowdStrike policies, host groups, prevention settings, exclusions, user roles, and platform configurations. Support rollout of the pilot across cloud-connected workloads and managed endpoints in multiple geographic regions. Validate sensor health, deployment status, asset coverage, and operational reporting. Tune detections and prevention policies to balance security effectiveness and operational impact. Integrate CrowdStrike with enterprise security tooling such as SIEM, SOAR, ITSM, vulnerability management, and asset inventory platforms. Assist with onboarding of AWS and OCI assets into the CrowdStrike operating model. Create automation for deployment, monitoring, reporting, and operational workflows using scripting and infrastructure/platform tooling. Monitor alerts, investigate events, and perform initial triage and escalation in coordination with engineering and security operations teams. Develop dashboards, metrics, and reports for pilot performance, adoption, coverage, and risk reduction. Produce engineering documentation, implementation plans, SOPs, runbooks, and transition artifacts for steady-state operations. Work within Agile project teams, attending ceremonies (stand-ups, sprints, retrospectives) and using Jira for ticketing, backlog tracking, and documentation. Ensure alignment with DoD cybersecurity requirements, enterprise governance, and operational constraints, especially Zero Trust requirements. Mentor junior administrators and support knowledge transfer into steady-state operations. Other duties as assigned and operationally required. Required Qualifications 6+ years of experience in cybersecurity, endpoint security, systems security, or security engineering. 4+ years of hands-on experience with CrowdStrike administration, engineering, deployment, or platform operations. Experience supporting policy management, alert triage, endpoint deployment, and platform health monitoring. The most competitive candidates will have endpoint security experience with Trellix as well. Familiarity with enterprise endpoint environments and remote/global workforce support. Working knowledge of OCI and/or OCI security and operational concepts. Experience with security operations processes, ticketing, documentation, and escalation workflows. Familiarity with DoD or federal cybersecurity frameworks and operational environments. Minimum Secret clearance and ability to meet DoD 8140 privileged access requirements. Strong analytical and problem-solving skills; detail-oriented with a focus on operational excellence. Skilled communicator, able to collaborate with IT, cybersecurity, and mission teams in written and verbal communications with a positive attitude and customer-first approach. Proactive learner?stays current on CrowdStrike and endpoint security operations best practices. Preferred Qualifications Prior experience with Trellix (formerly McAfee Enterprise) endpoint security tools and migration or coexistence planning. Experience leading pilots, proofs of value, or phased enterprise rollouts of security platforms, as well as experience with large-scale global endpoint environments. Relevant certifications (including, but not limited to, Security+, CySA+, CASP+, CISSP, AWS Security Specialty, CrowdStrike, OCI, etc. certifications). Note that this is in addition to the required DoD 8140 certification(s). Experience with scripting or automation (e.g., PowerShell, Python, Bash) for deployment and administration. Experience with SIEM integrations and operational reporting. Familiarity with DoD cybersecurity operations, RMF-aligned environments, or federal security requirements. Compensation Range - $105,000 - $137,000