Security Engineer L2 (Endpoint Security)

Rackspace Technology

  • India
  • Permanent
  • Full-time
  • 16 days ago
Rackspace Security (Public Cloud)
Security Engineer L3 (Endpoint Security)
About Rackspace Cyber Defence
Rackspace Cyber Defence is our next generation cyber defence and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence driven security services.

Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads.

Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.

Our mission is to help our customers:
  • Defend against new and emerging risks that impact their business.
  • Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments.
  • Reduce their exposure to risks that impact their identity and brand.
  • Develop operational resilience.
  • Maintain compliance with legal, regulatory and compliance obligations.
What we're looking for
  • To support our continued success and deliver a Fanatical Experience™ to our customers, Rackspace Cyber Defence is looking for an India-based Security Engineer with a specialism in Endpoint Security to support Rackspace's strategic customers.
  • This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer, who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level Endpoint Security platforms or delivering Managed Endpoint Detection & Response (EDR) services to customers.
  • The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native Endpoint Detection & Response (EDR) platforms, such as CrowdStrike Falcon or Microsoft Defender for Endpoint, used by the Rackspace Cyber Defence Center to deliver managed security services to our customers.
  • You will also be required to liaise closely with the customer's key stakeholders, which may include incident response and disaster recovery teams as well as information security.
Skills & Experience
  • Should have 8+ years' experience in Security Engineering.
  • Experience working in either large, enterprise environments or managed security services environments with a focus on Endpoint Detection & Response.
  • Experience of working with cloud native Endpoint Security and Endpoint Detection & Response (EDR) tools such as CrowdStrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud.
  • Experience of working in two (or more) of the following additional security domains:
    • SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc.
    • AWS (Amazon Web Services) Security Hub including AWS GuardDuty, AWS Macie, AWS Config and AWS CloudTrail.
  • Experience of analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis.
  • Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls.
  • Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc.
  • Knowledge of scripting and coding with languages such as Terraform, Python, JavaScript, Go, Bash and/or PowerShell.
  • Knowledge of malware reverse engineering, threat detection and threat hunting.
  • Computer science, engineering, or information technology related degree (although not a strict requirement)
  • Holds one, or more, of the following certificates (or equivalent):
    • Microsoft Certified: Azure Security Engineer Associate (AZ500)
    • Microsoft Certified: Security Operations Analyst Associate (SC-200)
    • Systems Security Certified Practitioner (SSCP)
    • Certified Cloud Security Professional (CCSP)
    • GIAC Certified Incident Handler (GCIH)
    • GIAC Security Operations Certified (GSOC)
    • CrowdStrike admin Certified
  • A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail.
  • A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture.
  • Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure.
  • An individual who shows a willingness to go above and beyond in delighting the customer.
  • A good communicator who can explain security concepts to both technical and non-technical audiences.
Key Accountabilities
  • Ensure the Customer's operational and production environment remains healthy and secure at all times.
  • Assist with customer onboarding - customer/device onboarding, policy configuration, platform configuration and service transition to security operations team(s).
  • Advance platform administration.
  • Critical platform incident handling & closure.
  • As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process.
  • As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership across Endpoint Security and Endpoint Detection & Response.
  • Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams.
  • Drive continuous improvement of Rackspace Managed EDR services through custom development, automation and integration, in collaboration with SecOps Engineering and other Security Engineering team(s).
  • Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc.
  • Co-ordinate with vendor for issue resolution.
  • Required to work flexible timings.