This project will optimize the agency s CrowdStrike SIEM and related CrowdStrike services to improve threat detection, monitoring, and response capabilities. The contractor will expand and tune telemetry, integrate additional highvalue log sources, enhance security dashboards, and support the rollout of additional CrowdStrike services. The effort will increase visibility into endpoint and security risk, improve signal quality and correlation, and provide security leadership with clear insight into security operations effectiveness and overall risk posture.

Expected Outcomes:

Expanded and optimized CrowdStrike SIEM telemetry coverage

Integration of additional highvalue log sources

Improved dashboards for operational and executive visibility

Enhanced detection fidelity and monitoring effectiveness

Clearer insight for leadership into endpoint risk and security operations performance

Duties to Be Performed:

Assess current CrowdStrike SIEM configuration, telemetry coverage, and log ingestion

Enable and tune additional CrowdStrike telemetry to improve visibility and signal quality

Identify and integrate new highvalue log sources into CrowdStrike SIEM

Develop and refine security dashboards aligned to SOC and executive use cases

Assist with technical enablement and rollout of additional CrowdStrike services

Validate data quality, parsing, and correlation within the SIEM

Coordinate with Security Operations, IT Operations, and system owners

Identify gaps, risks, and improvement opportunities in monitoring and detection

Provide weekly status updates and monthly executivelevel progress summaries

Deliver supporting documentation and recommendations to sustain improvements

Deliverables:

Summary of work performed and capabilities delivered

Documentation supporting all telemetry enablement, log integrations, and dashboard implementations

Measurable improvements in monitoring, detection, or visibility

Recommendations for future enhancements or next-phase efforts

SKILLS AND QUALIFICATIONS