Cloud and Endpoint Security Engineer

The Senior Cybersecurity Engineer – Cloud and Endpoint Security plays a pivotal role in engineering, administering, and optimizing NiSource’s security platforms across endpoint and cloud environments. This role combines hands-on expertise in CrowdStrike Falcon and cloud security (Azure, AWS, GCP) to deliver unified threat visibility, response automation, and proactive risk reduction across IT and OT assets.

Requirements

• Engineer, administer, and optimize the CrowdStrike Falcon platform—covering policy tuning, sensor deployment, and health monitoring across enterprise endpoints
• Develop and enhance custom detections, response logic, and playbooks leveraging Falcon Fusion, RTR, and threat intelligence data
• Deploy, configure, and manage cloud security controls and integrations across Azure, AWS, and GCP—ensuring consistent protection across hybrid workloads
• Integrate endpoint and cloud telemetry into SIEM (Splunk) and SOAR platforms for automation, enrichment, and real-time containment
• Partner with the SOC and Incident Response teams to investigate alerts, correlate cloud and endpoint events, and validate detection efficacy
• Lead efforts to secure endpoint and cloud baselines aligned with CIS, NIST, and NiSource technical specifications
• Drive automation of security processes and metrics reporting using Python, PowerShell, and API-based integrations
• Evaluate and pilot emerging security technologies, such as Falcon Discover, Identity Protection, or Cloud Workload Protection, to enhance defensive depth
• Collaborate with infrastructure, architecture, and compliance teams to align controls with Zero Trust and regulatory frameworks (e.g., NERC, FERC, CIP)
• Support vulnerability and patch management integrations using Falcon Spotlight and cloud-native tools
• Participate in post-incident analysis and continuous improvement cycles to strengthen overall security posture

Benefits

• Generous Paid Time Off
• 401k Matching
• Retirement Plan
• Relocation Assistance