
Endpoint Security Analyst
- Pune, Maharashtra
- Permanent
- Full-time
Company Size: 600-650
Headquarters: Pune, Maharashtra, India
Type: Privately Held
Inception: 2011
Job Description
Responsibilities:
- EDR Solution Management: Develop, configure, and maintain EDR solutions, tailoring them to specific business needs and security requirements.
- Coverage: Develop baseline asset inventories and maintain owners for systems in the inventory. Ensure 100% coverage in EDR deployment at all times.
- Daily Operations: Perform routine tasks like tool administration, tuning, malware quarantining, and ensuring EDR tools effectively support security monitoring and incident response.
- Threat Detection and Response: Analyze EDR tool output to optimize security monitoring, support incident detection, and identify potential threats.
- Policy and Procedure Development: Develop, implement, and update EDR policies, rules, and configurations to align with security standards and threat intelligence.
- Collaboration: Work closely with SOC, threat intelligence, and other security teams to improve overall security posture.
- Security Assessment and Improvement: Offer expert advice and recommendations for improving security posture, mitigating vulnerabilities, and adhering to security standards.
- Incident Response: Participate in incident response efforts, utilizing EDR tools to investigate, contain, and remediate security incidents.
- Documentation and Reporting: Document findings, actions taken, and lessons learned for each incident. Prepare periodic security reports and contribute to compliance audits.
- Knowledge Sharing and Training: Guide and mentor the team, provide training sessions, and share knowledge on endpoint security best practices.
- Vendor Coordination: Coordinate with EDR vendors for troubleshooting, enhancement, and maintenance of endpoint security solutions.
- Compliance: Contribute to compliance audits and ensure adherence to security standards.
- Staying Up-to-Date: Remain current on the latest security threats and trends.
- Experience in scaling an enterprise EDR program across multiple environments seamlessly with proper strategy and prioritization.
- Strong knowledge of endpoint security technologies and concepts (EDR, DLP, MDM). Hands-on experience and deep knowledge of EDR technologies like CrowdStrike, Defender, Cortex.
- Experience with automated response via SOAR platforms and security orchestration.
- Understanding of network security, operating systems, and cloud environments.
- Experience managing endpoints in hybrid environments (Cloud, On-Prem, VDI).
- Advanced understanding of technical information security concepts related to threat landscapes.
- Strong understanding of network protocols, operating systems, and security technologies.
- Familiarity with compliance frameworks like ISO 27001, NIST, etc.
- Ability to conduct independent research and analysis, identifying issues, formulating options, and making conclusions and recommendations.
- Skilled in developing professional documentation and detailed reporting (including PowerPoint presentations), including policies, standards, processes and procedures.
- Very high attention to detail, with strong skills in managing/presenting data and information.
- Demonstrable conceptual, analytical and innovative problem-solving and evaluative skills.
- Excellent communication, collaboration, and interpersonal skills.
- Bachelor's degree in Computer Science, Information Security, or a related field. Relevant cyber security certifications (e.g. CompTIA Security+, C|ND, CEH, or any globally renowned certification) are a plus.
- 2-4 years of total experience in a SOC at a large multinational organization or a known MSSP. In addition to SOC engineering experience, the candidate should possess at least 1 year of experience with EDR security and governance capabilities.