Overview

Deploying and Integrating CrowdStrike Job at Palette Technologies – Remote

Job Description


Must have strong experience with deploying and integrating CrowdStrike.

Deployment Group Identification
The first step in the deployment is to group the current hosts in the environment based on operational order, to minimize the risk of adverse impact to critical systems during the deployment. While such impact is extremely rare, Optiv encourages this approach.

  • Review the planned environment and verify all system prerequisites are met according to the vendor’s documentation
  • List of supported OS: https://www.crowdstrike.com/products/crowdstrike-falcon-faq/

Build
Objectives for each phase are listed below:

  • Activate the account if not already done by the Client team
  • Download and install the Agent (sensor):
      o Deploy to a small pilot group to validate the installation and confirm no operational impact with existing applications or processes
      o Confirm the sensor is running
      o Verify sensor visibility in the cloud

NOTE: If Overwatch or Intelligence are used, Optiv will confirm these services are active from CrowdStrike. Client will systematically expand the Agent deployment to the rest of the environment, with Optiv’s assistance or oversight as time permits.

  • Enable the in-scope CrowdStrike Falcon Endpoint bundle components:
      o Prevent (Next-Generation Antivirus)
      o Insight (EDR)

  • Integrate logs with the existing SIEM solution

NOTE: If add-on features such as Sandbox, Spotlight, Search, Overwatch, or Intelligence are used, Optiv will verify these services are active from CrowdStrike.

Phase 1 – Learning Mode

  • Analyze and remediate findings before moving into a protection-oriented state
  • Conduct interoperability testing of core engine, driver hooks, installation, etc.
  • Prepare the Exception Handling strategy and Refine process

Phase 2 – Data Collection

  • Gather as much data as possible to drive the automation project
  • Identify reports around performance due to the increase in visibility
  • Drive future policy decisions between blocking or alerting on abnormal files

Run
Phase 3 – Findings Review and Automation

  • Begin analysis of data set to discover patterns for automation
  • Continue Threat Review process to prepare for blocking mode
  • Build and implement the first phase of Test and Refine Exception Handling policy
  • Automate Exception Handling policy and alerting

Phase 4 – Quarantine (Malware Blocking)

  • Begin prevention of any malware from executing
  • Demonstrate the testing and refining process within the Exception Handling policy
  • Refine the automation process

Job Types: Full-time, Contract

Pay: $55.00 – $60.00 per hour

About Company

Company: Palette Technologies

Company Location:  Remote
