edr sme
5 days ago
Level: L3
- Continuously monitor endpoint telemetry for Indicators of Attack (IOAs) and Indicators of Compromise (IOCs).
- Validate and triage alerts generated by Falcon Insight, and escalate confirmed threats to L2/L3 SOC teams
- Use Real Time Response (RTR) to investigate and remediate threats directly on endpoints without disrupting operations
- Assist in troubleshooting sensor-related issues, including log collection and root cause analysis
- Raise and manage support cases with CrowdStrike for unresolved technical problems
- Maintain documentation of known issues, fixes, and deployment best practices.
- Conduct proactive threat hunting using Falcons historical and real-time data.
- Leverage CrowdStrike Adversary Intelligence to correlate endpoint behaviour with known threat actor TTPs
- Collaborate with threat intelligence teams to enrich detection logic and improve response workflows.
- Participate in governance forums and SLA reviews to report on EDR performance, coverage, and incident metrics
- Ensure compliance with internal security policies and external regulatory requirements.
- Contribute to executive dashboards and audit documentation for endpoint security posture
- Work closely with SOC, SIEM, DLP, and Cloud Security teams to integrate endpoint telemetry into broader detection and response strategies
- Support CDC operations by aligning EDR capabilities with automation playbooks and GenAI-driven enrichment
Tool Technology:
Crowdstrike
-
waf sme
5 days ago
Gurgaon, Haryana, India Outworx Solutions Full time ₹ 15,00,000 - ₹ 25,00,000 per yearLevel: L3Managing both on-prem and cloud-based WAF deployments:Citrix NetScaler: Oversee 4 SDX appliances and 11 VPX instances (3 cloud + 8 on-prem), supporting ~1500 internet-facing applicationsImperva WAF: Manage gateway appliances and virtual deployments, ensuring high availability, low latency, and SSL accelerationConfigure and maintain WAF policies,...
-
It Security Services Lead
4 weeks ago
Gurgaon, Haryana, India Kyndryl Full timeWho We AreAt Kyndryl we design build manage and modernize the mission-critical technology systems that the world depends on every day So why work at Kyndryl We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable inclusive world for our employees our customers and our communities The Role ...
-
Security Engineer L3
2 weeks ago
Gurgaon, Haryana, India Rackspace Full time ₹ 20,00,000 - ₹ 25,00,000 per yearRackspace Cyber Defense Security Engineer L3 (Cloud Security) About Rackspace Cyber Defense Rackspace Cyber Defense is our next generation cyber defense and security operations capability that builds on 20 years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence driven security services. Our purpose is...
-
Security Engineer L3
2 weeks ago
Gurgaon, Haryana, India Rackspace Technology Full time ₹ 8,00,000 - ₹ 12,00,000 per yearRackspace Cyber DefenseSecurity Engineer L3 (Cloud Security)About Rackspace Cyber DefenseRackspace Cyber Defense is our next generation cyber defense and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence driven security services.Our purpose is to enable...
-
Security Engineer L3
2 weeks ago
Gurgaon, Haryana, India Rackspace Full time ₹ 8,00,000 - ₹ 12,00,000 per yearRackspace Cyber DefenseSecurity Engineer L3 (Cloud Security)About Rackspace Cyber DefenseRackspace Cyber Defense is our next generation cyber defense and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence driven security services. Our purpose is to...
-
Legion Siem Subject Matter Expert
2 weeks ago
Gurgaon, India Innowrap Technologies Full timeWe are seeking a Subject Matter Expert (SME) for its Legion SIEM/EDR/XDR security product line. This individual has extensive hands-on experience with: - EDR Solutions (Crowdstrike, SentinelOne, CarbonBlack, and eventually our Legion SIEM solution) - EPP Solutions (Cylance, McAfee, Symantec, and eventually our Legion SIEM solution) - SIEM/log management...
