Administrator - Endpoint Security

Additional details

**Level**
- P2**Requirement location**
- India - Bengaluru**Number of Position**
- 1**Employment type**
- ML**Cluster/Group**
- Microland Delivery**Business Unit**
- US**Department**
- SOC - Tech Ops**Job Description**:
Key Skill: Microsoft Defender

OVERALL SKILL SETS FOR End Point
Øf0 Experience in endpoint protection troubleshooting
Øf0 The security specialist is responsible for conducting information security investigations as a result of security incidents
Øf0 Provide timely detection, identification, and alerting of possible attacks/intrusions,
Øf0 Anomalous activities, and misuse activities and distinguish these incidents and
events from benign activities.
Øf0 Isolate and remove malware.
Øf0 Conduct research, analysis, and correlation across a wide variety of all source
Øf0 Data sets (indications and warnings).
Øf0 Provide daily summary reports of network events and activity relevant to cyber
defense practices.
Øf0 Receive and analyze network alerts from various sources and determine possible
causes of such alerts.
history, status, and potential impact for further action in accordance with the
organization s incident response plan.
Øf0 Work with stakeholders to resolve computer security incidents and vulnerability
compliance.
Øf0 Malware handling on AV
Øf0 Host Intrusion Detection and Prevention (HIPS)
Øf0 Monitor security of the cloud and on-perm environment using various security tools
Øf0 Retrieve and report metrics on various security areas of the cloud on-perm environment.
Øf0 Install and configure security systems and tools.
Øf0 Behavioral analysis and actionable intelligence applied to stop an incident from breach
Øf0 Ensuring that service reports are produced for each customer service and that breaches of SLA targets are highlighted, investigated and actions taken to prevent their recurrence

Job Requirements
Øf0 Good understanding of system security (client, server, system hardening standards)
Øf0 Notion of networking concepts (routing, switching, proxy, firewall) and ability to assist SOC analysts with threat detection systems (networks, firewalls, servers, Windows, Linux, authentication etc.).
Øf0 Ability to identify, analyze and report root cause of security incidents
Øf0 Respond to security escalations and coordinate with internal, external and vendor support in order to provide initial analysis, containment, remediation, after action analysis and reporting of security events and incidents.
Øf0 Creative, dynamic, open minded, pro-active, and enthusiastic
Øf0 Result-focused, able to work under pressure
Øf0 Honest, willing, and able to take the lead and to delegate tasks where necessary
Øf0 Should be comfortable working in 24/7 shifts

Desired Skills
Øf0 Trend Micro 20 EPS, Antivirus management (crowd strike Falcon), Symantec Endpoint Protection
Øf0 EDR
Øf0 VMware Carbon Black
Øf0 Cloud technology (Azure/AWS Security, Cynet 360, Cisco Umbrella ,WAFDDOS solution CloudFlare (SaaS) )
Øf0 DDI Vulnerability Scanner

Roles and Responsibilities:
Øf0 In addition to over all skill L2 need to act as the coordinator and response to individual information security incidents
Øf0 Mentor security analysts at L1 regarding risk management, information security controls, incident analysis, incident response, console monitoring, and other operational tasks in support of technologies managed by the Security Operations Centre
Øf0 Document incidents from initial detection through final resolution
Øf0 Participate in security incident management and vulnerability management processes
Øf0 Participate in evaluating, recommending, implementing, and troubleshooting security solutions and evaluating IT security of the new IT Infrastructur