IT Security Analyst – EDR & Threat Hunting Specialist

• Install, configure, and manage CrowdStrike Falcon agents across servers, workstations, and endpoints.
• Maintain policies, configuration settings, and sensor health as per organizational requirements.
• Perform upgrades, patching, and version control of EDR agents and management consoles.

• Monitor s, events, and dashboards to detect suspicious or malicious activity.
• Investigate, triage, and escalate s to SOC or Incident Response teams as required.
• Support threat hunting, forensic investigations, and containment activities.

• Integrate CrowdStrike with SIEM, SOAR, ticketing systems, and other security tools.
• Tune detection policies, whitelisting, and custom IOC rules to minimize false positives and improve detection accuracy.
• Generate security reports and metrics for compliance and executive dashboards.

• Provide technical support and guidance to IT and security teams on EDR-related issues.
• Document SOPs, knowledge base articles, and best practices for EDR management.

• Proven hands-on experience in administering and managing CrowdStrike Falcon/EDR.
• Strong understanding of endpoint security, malware behavior, threat detection, and incident response.
• Knowledge of Windows, Linux, and Mac OS administration.
• Familiarity with SIEM tools (e.g., Google SecOps, FortiSIEM) and security frameworks (MITRE ATT&CK, NIST, ISO27001).
• Ability to analyze logs, s, and threat intelligence to identify root causes.
• Scripting knowledge (PowerShell, Python, or Bash) for automation is a plus.
• Excellent troubleshooting, analytical, and communication skills.

• CrowdStrike Certified Falcon Administrator (CCFA) or higher (CCFR, CCFH).
• CompTIA Security+, CySA+, or equivalent.
• Microsoft, Linux, or other OS administration certifications (preferred).

• 3–6 years in cybersecurity, with at least 2+ years in EDR administration (CrowdStrike preferred).

UST