Endpoint Security Engineer

Role & responsibilities

Please share me interested candidate cv

Position Name Endpoint Security Engineer

Position type: Permanent

Total Exp: Above 7+ years

Rel Exp: 5 years

HBTS Budget: 15-17lpa

Notice Period: Only Immediate joiners to 15days

Work Location: Belapur, Navi Mumbai

Work Type: Work from Office (client location)

Job Description Must have:

MS Defender for Endpoints (EDR/ATP),Other Monitoring Tools, Trend micro, Deep security

Scope of Work :-

Assist in developing security Policies & Standards and reference Architecture for AV/EDR deployment.

Assist in formulating policies for threat detection and response in AV/EDR.

Provide guidelines for secure implementation of AV/EDR.

Assist in finetuning the EDR solution by providing guidance regarding response actions to be created, assist in creation of custom detection models, creation of playbooks etc.

Analyse the EDR alerts at a high level to understand the kind of threats seen by the organisation and suggest preventive methods to reduce the same.

Have close coordination with IT and SOC team regarding the alerts observed and suggest process improvements to reduce the alert count.

Suggest whitelisting of alerts based on analysis of alerts, in case they are false positives are activities which are required for business requirement.

Proactive analysis of platform technologies for secure deployments, secure configurations against Global Security Best Practices.

Assisting platform engineering team with security inputs while designing an architecture for the Bank for Security by Design.

Developing platform security standards and guiding solution design to meet corporate requirements.

Assist in corrective and preventive actions in case of security incidents.

Guidance for preventive action based on security incidents and threat landscape in the public.

Strategize and formulate high and low-level monitoring mechanism for security posture of platform technology deployments and advise measures to improve them.

Strategize and formulate high and low-level monitoring mechanism for Infrastructure security technology and best practices, manage the organisations Infrastructure security strategy & controls and keep abreast of new technologies and capabilities.

Possess and maintain in-depth technical and business knowledge of AV/EDR.

Possess broad expertise with end-point and other platform technologies like directory services, authentication services etc.

Taking proactive measures for enhancing the security posture of the Bank's IT Infrastructure by studying the vulnerabilities issued/ published by various OEMs, internal and external agencies such as CERT etc.

Ensure service metrics relating to security and assurance that Infrastructure technology configurations are compliant.

Produce and track metrics for the effectiveness and maturity of Infrastructure security technologies and processes.

Essential Certification:-

Specific technical certification in Anti-malware/ EDR technology (specific OEM details shall be informed later)

Experience:-

Minimum 7 years in above mentioned platform technologies

Working experience in technical implementation of AV/EDR.

Hands-on experience in AV and EDR

Working experience in providing security recommendations for deployment/ management of AV/EDR.

Experience in Inter-technology, Inter-OEM integration from security perspective.

Proficient in creating custom rules for identifying anomalies and to create response actions.

Proficient in Platform and endpoint security solutions

Broad knowledge and experience in networking, authentication mechanism, cryptographic controls etc. will be preferred.

Sandboxing

In-depth understanding and expertise in sandboxing technology, including both hardware and software-based solutions.

Proficiency in analysing malware samples within a sandbox environment to identify malicious behaviour and assess potential threats.

Familiarity with various operating systems (Windows, Linux, etc.) commonly used in sandboxing environments.

Ability to incorporate threat intelligence feeds and indicators of compromise (IOCs) into sandbox configurations for proactive threat detection.

Capability to integrate sandbox solutions with broader security infrastructure, such as SIEM (Security Information and Event Management) systems. Proficiency in developing and fine-tuning

Sandbox policies and configurations to effectively analyse and contain threats.

Working experience in technical implementation of above-mentioned tools.

Working experience in providing security recommendations for deployment/ management of platform tools.

Proficient in Platform and PAM solutions

Broad knowledge and experience in networking, authentication mechanism, directory services, cryptographic controls etc. will be preferred.

Education

Btech, Mtech, MCA

Any Certification mandatory

Look for EDR/AV and Trend Micro Product Combination

Alternate Saturdays (1st & 3rd Saturday also working)

Preferred candidate profile