Edr & Threat Hunting
4 days ago
**Job Description Summary**
- As an SME, the resource will be part of the Endpoint Security Operations team responsible for administering CrowdStrike Falcon EDR and threat hunting. The professional skills for this level include but are not limited to:
- Ability to quickly acquire and apply knowledge of new technologies and solutions, emerging threats and vulnerabilities
- Strong understanding of ITIL process
- MUST have excellent oral and written communication skills and executive presence that enable effective engagement with senior stakeholders
- Ability to work independently and communicate technical and security-related issues
- Good presentation, facilitation and delivery skills as well as strong analytical and problem-solving capabilities
- Demonstrate critical thinking and the ability to bring order to unstructured problems
- Seek and embrace opportunities which give exposure to different situations, environments and perspectives
- Use straightforward communication, in a structured way, when influencing and connecting with others
- Able to read situations and modify behavior to build quality relationships
- Uphold LTI's code of ethics and business conduct
**Roles and Responsibilities**:
- Hands-on experience (L2/L3 level) in support, implementation, configuration and management of EDR/AV solutions (EDR/AV solutions like CrowdStrike, Symantec, Trend Micro & McAfee)
- Administer Endpoint Security systems to ensure maximum uptime and client health compliance
- Monitor, respond to and analyze trends in security-related events on workstations and servers
- Perform daily, weekly and monthly scheduled tasks for CrowdStrike Falcon
- Prepare weekly and monthly reports for the Endpoint Security solution
- Audit the various configured policies, and compare and maintain them against best practice
- Basic troubleshooting of sensor installation/uninstallation
- Co-ordination with various teams regarding CrowdStrike Falcon compliance, installation & troubleshooting
- Create, track & respond to support cases raised with CrowdStrike Support
- Suggest the necessary changes required to the various policies
- Proactively share notifications received from CrowdStrike with the various teams and management
- Download and share the latest sensor version for the various operating systems
- Monitor Removable media exceptions
- Monitor Anti-Malware Exceptions
- Good understanding of security operational procedures and vulnerability assessment
- Remain current with new security vulnerabilities and key technologies and recommend changes or actions to management as appropriate
- Be able to illustrate and explain use cases for implementation of EDR projects, watchlists, reporting, and correlation of data from multiple data sources
- Good understanding of malware operations and indicators of threat, and of the current threat landscape
- Strong experience in managing endpoint agents on Windows, Linux and macOS operating systems, Active Directory integrations and Windows Event Logs
- Resolve issues with NGAV and EDR; good understanding of the threat life cycle and the MITRE ATT&CK framework
- Ability to provide Tier 2 and Tier 3 support and manage complex and escalated tickets in the environment
- Experience in design and implementation of endpoint security solutions which includes installation, configuration, policy creation, fine tuning, and maintenance
- Knowledge of multiple operating systems and applicable system administration skills (Windows, Solaris, Linux)
- Good understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, LDAP and others
- Familiarity with information security frameworks and standards (NIST CSF, PCI-DSS, ISO 27001, etc.)
- Proficiency in a scripting language such as Python, PowerShell, etc.
- Ensure quality work, i.e., review and validate the technical configuration changes and provide consultative ideas
- Good presentation skills to communicate status and recommendations in clear, concise language for technical and non-technical audiences
- Explore opportunities to optimize and ensure we are in line with enterprise requirements
- Maintain a lab environment for training, testing of new services and support of customers
- Work across multiple technical teams towards common goals
**Skills Required**:
threat hunting, CrowdStrike, Symantec, Trend Micro, McAfee, EDR
**Location**
Navi Mumbai
**Years Of Experience**
3 to 5 Years
- Architect - Threat Hunting
6 days ago
Navi Mumbai, Maharashtra, India. Reserve Bank Information Technology Private Limited (ReBIT). Full time. **Reporting Structure** - Reports to Chief Manager - Security Operations - Cyber Security. **Designation** - Architect - Threat hunting. **Education**: - University degree in the field of computer science or IT is preferable. However, any graduate with relevant experience and technical certifications in the domain can be considered for the...
- Architect - Threat Hunting
2 weeks ago
Navi Mumbai, Maharashtra, India. Reserve Bank Information Technology Private Limited (ReBIT). Full time. ₹ 12,00,000 - ₹ 36,00,000 per year. Reporting Structure: Reports to Chief Manager - Security Operations, Cyber Security. Designation: Architect – Threat hunting. Education: University degree in the field of computer science or IT is preferable. However, any graduate with relevant experience and technical certifications in the domain can be considered for the vacancy. Desired...
- Threat Hunting Specialist
7 days ago
Mumbai, India. 2coms. Full time. About the Company: The client is the captive technology arm of a leading German-headquartered global insurance group. With a substantial international footprint, this financial services giant operates across more than 50 countries and employs a workforce exceeding 50,000 professionals. To deliver seamless IT solutions and support its extensive worldwide...
- Threat Hunting(2)
1 week ago
Mumbai, Maharashtra, India. Locuz Enterprise Solutions. Full time. JD: Threat Hunting capabilities: > Perform quality threat hunting in identifying and analysing advanced persistent threats (APTs). > Develop and execute threat hunting based on threat intelligence and behavioural analytics. > Ability to form a hypothesis and execute it to identify threats in the environment. > Understanding (working experience) of...
- L2 Security Operations Center Analyst
4 weeks ago
Mumbai, India. Digihelic Solutions Private Limited. Full time. Description: Location: Mumbai, India. Experience: 5+ Years. Mode of Work: 5 Days Office (Full-time On-site). Reporting To: SOC Manager / Security Operations Lead. About the Role: We are seeking an experienced and dedicated L2 Security Operations Center (SOC) Analyst to join our team in Mumbai. This is a full-time, 5-day on-site position. The ideal candidate will...
- SOC Ops and Threat Hunting
1 week ago
Mumbai, India. CoreIT Services Pvt. Ltd. Full time. Looking for an L3 resource with the following: L3 threat hunter profile; can work remotely; should have approx. 7 to 9 yrs. of experience in SOC Ops and Threat Hunting. JD as below: 8+ years of experience in a technical role in the areas of Security Operations, Threat Intelligence & Cyber Incident Response; conduct "Hunts" using threat intelligence,...
- Edr 6 to 9 Years Bengaluru
1 hour ago
Navi Mumbai, Maharashtra, India. Capgemini. Full time. Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you'd like, where you'll be supported and inspired by a collaborative community of colleagues around the world, and where you'll be able to reimagine what's possible. Join us and help the world's leading organizations unlock the value of...
- Cyber Threat Intelligence
3 days ago
Mumbai, Maharashtra, India. Stratlink It Consulting And Solutions Private Limi. Full time. ₹ 9,00,000 - ₹ 12,00,000 per year. Collect, analyze and exploit customized outputs from our Cyber Threat Intelligence partner and open-source intelligence to anticipate emerging cyber threats and gain knowledge of threat actors, tactics, techniques and procedures. Performs cyber threat hunting on Indicators of Compromise (IoCs) through our security tools (EDR, SIEM, SOAR, etc.) to detect prior...
- Security analyst
2 weeks ago
Mumbai, India. SHI | Locuz - An SHI Company. Full time. Hi, we have an immediate requirement for Threat Hunting with our organization SHI Locuz Enterprise Solutions Pvt Ltd. Job Details: Work Experience - 3+ years (relevant). Work Location - Mumbai. Looking for immediate joiners. Job Description: JD: Work Location – Mumbai (Aeroli). Experience – 3-4 years. Install, configure, and manage Fleet DM and OSQuery across the bank's...
- Cyber Threat Intelligence Lead
18 hours ago
Mumbai, India. NMS Consultant. Full time. Key Responsibilities: The Lead will be hierarchically attached to the IT Manager responsible for the CyberSOC team based in India and will report daily to the Identify Service Line Manager based in France. You will be the Identify Service Line Team Leader (3-4 person team) in India. The Cyber Threat Intelligence Analyst (Team Leader) will be in charge of ensuring...