CrowdStrike Administrator

Greetings from TCS!!

Role: CrowdStrike Platform Administrator

Experience: 7+ years

Location: Hyderabad

Job Description:

The CrowdStrike Administrator is responsible for the end-to-end administration, monitoring, engineering, and optimization of the CrowdStrike Falcon platform and associated endpoint security tools. This includes sensor deployment, policy management, Scan management, exception management, platform engineering, automation and integration with other cybersecurity platforms.

Validate sensor installation, health, and communication status.

Track outdated, missing, or inactive sensors.

Assist in host isolation and containment activities (as per approval matrix).

Maintain ticket updates, operational logs, and daily/weekly reporting.

Inventory and coverage reporting for all endpoints..

Configure and maintain CrowdStrike policies: Prevention, Firewall, USB/Device Control.

Manage large-scale sensor deployment using SCCM, Intune, Tanium, JAMF, etc.

Troubleshoot Sensor/agent-related issues: failed installations, communication issues.

Manage device groups and apply policy hierarchy.

Perform host containment: isolate host, kill processes, quarantine malware.

Integrate CrowdStrike with SIEM platforms like Splunk, QRadar, Chronicle.

Configure and validate event forwarding, API connectors, syslog integrations.

Perform root-cause analysis and provide corrective recommendations.

Manage sensor upgrade rollouts and validate module behavior.

Design and architect enterprise-level CrowdStrike Falcon implementation.

Lead onboarding of new business units, cloud workloads, and global environments..

Create automation workflows using Python/PowerShell for API-based tasks.

Integrate CrowdStrike with SOAR tools: XSOAR, Phantom, InsightConnect