Key Responsibilities :

- Administer and maintain the EDR infrastructure, including platform upgrades, configuration changes, and performance tuning, to ensure optimal functionality and stability for all endpoints.

- Develop and implement EDR policies, rules, and configurations based on threat intelligence and organizational security requirements, to proactively defend against emerging threats.

- Monitor EDR alerts and events, investigate suspicious activities, and escalate incidents to the appropriate teams for further analysis and remediation, to minimize the impact of security breaches.

- Create and maintain comprehensive documentation of EDR configurations, processes, and procedures, to facilitate knowledge sharing and ensure consistent operations.

- Collaborate with security analysts and incident responders to improve incident response workflows and enhance the effectiveness of EDR in detecting and containing threats, to strengthen the overall security posture.

- Provide technical guidance and support to other teams on EDR-related matters, to promote security awareness and ensure proper utilization of EDR capabilities.

Required Skillset :

- Demonstrated expertise in administering and managing Endpoint Detection and Response (EDR) solutions, such as Crowdstrike and Azure Defender.

- Proven ability to configure and optimize EDR policies, rules, and configurations to effectively detect and prevent malicious activities.

- Strong analytical and problem-solving skills to investigate security alerts, identify root causes, and implement appropriate remediation measures.

- Excellent communication and collaboration skills to work effectively with security analysts, incident responders, and IT operations teams.

- Solid understanding of security principles, threat landscape, and incident response methodologies.

- Bachelor's degree in Computer Science, Information Security, or a related field.

- Ability to adapt to a dynamic work environment and work independently or as part of a team.