Security Analyst - EDR
Location: Bangalore, KA, India
Date Posted: Sep 1, 2021
Roles and Responsibilities:
- Ability to quickly acquire and utilize knowledge on new technologies and solutions, emerging threats and vulnerabilities
- Hands-on experience (L2/L3 level) in support, implementation, configuration and management of EDR/AV solutions (EDR/AV solutions like CrowdStrike, Symantec, Trend Micro & McAfee)
- Administer Endpoint Security systems to ensure maximum uptime
- Monitor, respond to and analyze trends in Workstation/Servers for security-related events
- Good understanding of Security Operational Procedures and Vulnerability Assessment
- Remain current with new security vulnerabilities and key technologies and recommend changes or actions to management as appropriate
- Be able to illustrate and explain use cases for implementation of EDR projects, watchlists, reporting, and correlations of data from multiple data sources
- Good understanding of malware operations, indicators of threat, and the current threat landscape
- Strong experience in managing Endpoint Agents over Windows and Linux operating systems, Active Directory integrations, Windows Event Logs along with MacOS
- Resolve issues of NGAV and EDR, with a good understanding of the threat life cycle and the MITRE ATT&CK framework.
- Knowledge of multiple operating systems and applicable system administration skills (Windows, Solaris, Linux)
- Good understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, LDAP and others
- Proficiency in scripting languages like Python, PowerShell, etc.
- Ensure quality work, i.e., review and validate the technical configuration changes and provide consultative ideas
- Good presentation skills to communicate status and recommendations in clear, concise language for technical and non-technical audiences
- Experience with any of the well-known EDR/AV solutions like CrowdStrike, Symantec, Trend Micro & McAfee
- Experience with threat hunting
- Certifications like OSCP, CEH, CISA, GSEC or other relevant certifications.
- 2+ years of experience with penetration testing / red teaming / running attack tools / incident response / forensic analysis
- Ideal candidates should demonstrate skills around detection and mitigation of attacks
Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.