Senior Security Engineer
Job Description
The Senior Endpoint Security Engineer will be responsible for the design, deployment and management of globally deployed EDR systems. This role will work closely with the Cyber Threat Intelligence team, Incident Response, and monitoring analysts to define and tune rules and device security policies to meet the project requirements.
Qualifications
• Bachelor's or Master's degree in Computer Engineering, Information Technology or Information Systems
• Basic understanding of malware, TCP/UDP packets, and security tools such as IDS/IPS, web proxies, SIEM, DNS security, DDoS protection and firewalls
• 7+ years' experience in a cyber security engineering role covering design, implementation and operations
• Relevant cyber security experience in IT security, incident response or network security, with strong working knowledge of a Security Operations Center
• Experience with: SIEM (QRadar, Splunk, Nitro, etc.), SOAR (Resilient, Demisto, ServiceNow, etc.), ticketing (JIRA, ServiceNow, Remedy, etc.)
• Endpoint Detection and Response or endpoint security (CrowdStrike, Carbon Black, ClamAV, etc.)
• Minimum 3+ years' experience in a Security Operations Center with SIEMs, or 3+ years of applicable experience with Linux/UNIX systems in a production environment
• Knowledge of generic information security standards/programs; understanding of basic network concepts, familiarity with TCP/IP and VLAN functionality
• Experience with risk management, vulnerability management, threat analysis, security auditing, security monitoring, incident response and other information security practices preferred
• At least one technical certification (CCNA/MCSE/RHCE/etc.)
• At least one cyber security certification (CISSP/CISM/CEH/COBIT/CompTIA/etc.)
• Security+, Linux+, GREM, GCFA, GNFA, OSCP, or similar certification preferred
Skills Required
• Demonstrated experience scripting in environments like Bash and/or PowerShell
• Proficiency in server and network administration skills - Windows and Linux
• Knowledge of on-prem and cloud infrastructure technologies
• Capability to develop professional documents in the form of reports, analyses and documentation (in English)
• Strong attention to detail, analytical mind, and outstanding problem-solving skills
• Experience working under pressure in a fast-paced environment
• Strong collaboration and communication skills required to address and resolve issues in a matrixed environment
• Full professional proficiency in English
• Experience with SIEM tools like IBM QRadar, Palo Alto XDR
• Experience with SOAR tools like IBM Resilient, Palo Alto XSOAR
• Experience with EDR tools like CrowdStrike, Carbon Black, Trend Micro
• Good experience and exposure to advanced incident analysis
• Experience with the common tools associated with penetration testing (Metasploit, Burp Suite, Kali, etc.)
• Ability to effectively code in a scripting language (Python, Perl, etc.)
• Team management and upskilling
Personal skills:
• Good team player
• Positive and learning attitude
• Good verbal and written communication skills
• Sense of ownership, priorities and autonomy
• Ability to travel up to 50% of the time
What we offer:
• Working on international projects
• Wide range of possibilities to gain both technical and soft skills as well as professional certifications
Roles & Responsibilities
• Capable of fine-tuning incidents to avoid false-positive alerts
• Identify, develop and propose enhancements to existing processes and operations
• Ability to read and understand system data including security event logs, system logs, application logs and device logs
• Expert in analyzing and correlating logs from various security tools
• Demonstrated ability to react quickly and take decisions for high-priority incidents
• Ability to analyze incidents, independently form conclusions, and present findings and recommendations to other analysts
• Exposure to creating SOPs related to different processes and incident investigation analysis
• Ability to investigate malicious activity to understand the nature of the threat
• Ability to collaborate and interact with different teams in the SOC
• Exposure to threat hunting activity
• Exposure to email analysis to categorize messages as spam/scam, malicious or legitimate
• Ability to analyze different IOCs and take actions accordingly
• Project management and delivery
• Designing and implementing EDR solutions
• Administration and maintenance of the endpoint protection infrastructure
• Managing system performance, capacity and service quality
About the company
Industry: Computer Software
Company size: 11-50 employees
Headquarters: Bangalore