Responsibilities
• The candidate should have a team-oriented, client-facing mindset and proven experience conducting EDR infrastructure deployments. The role uses EDR telemetry to identify, recommend and execute resolution for malware and other EDR-detected incidents, while helping to develop and execute methodologies for EDR deployment, feature enablement and technical integration in a SOC.
• As an Endpoint Detection and Response (EDR) SME, the candidate will play a key role in supporting the design, deployment, configuration, optimization and operation of a large-scale EDR deployment, or of similar security products, across multiple geographies.
• The candidate shall be responsible for managing day-to-day operations of security device management, the SIEM, incident response, threat hunting, use-case engineering, SOC analysis and device integration with the SIEM. The candidate is also responsible for identifying, reporting and tracking system vulnerabilities within corporate, commercial and federal assets, ensuring the integrity of the environment.
Skills Required
• Project and delivery management experience; 3+ years of EDR administration (CrowdStrike Falcon, VMware Carbon Black, Palo Alto Networks Cortex XDR, Microsoft Windows Defender, Cylance, Tanium, etc.)
• 3+ years of working with EDR tools, performing requirements gathering, deployment and configuration, and conducting threat hunting
• 5+ years working with operational information security disciplines (e.g. incident response, security infrastructure management, or monitoring services)
• 3+ years security tool engineering and administration (e.g. NGAV, EPP, EDR, SIEM, SOAR, UEBA, Deception, Attack Surface Management, etc.)
• Experience in some of the following EDR areas: agent deployment, health checks and sustained coverage
• Threat Hunting
• Systems integration
• Comparing vendor functionality
• Mapping EDR capabilities to threat scenarios
• Deploying EDR in multi-agent environments (e.g. alongside AV and NGAV)
• Deep understanding and proven experience in Cybersecurity Operations (Monitoring, Detection, Incident Response, Forensics)