hirist

Job Description

Job Overview:

We are looking for an experienced EDR Security Analyst to strengthen our cybersecurity operations team.

The ideal candidate will have hands-on expertise in leading EDR tools such as Cylance Protect and Optics, CrowdStrike Falcon Insight, SentinelOne ActiveEDR, or Carbon Black EDR, and will play a key role in monitoring, investigating, and responding to endpoint security incidents.

This role demands strong analytical skills, deep technical knowledge of security threats, and the ability to work in a dynamic, 24x7 environment.

Key Responsibilities:

- Monitor, analyze, and respond to security alerts generated from EDR platforms (Cylance, CrowdStrike, SentinelOne, Carbon Black).

- Perform event and log analysis on Windows endpoints to detect malicious activity.

- Conduct detailed incident response across the lifecycle: detection, analysis, containment, eradication, recovery, and lessons learned.

- Investigate malware infections, unauthorized access, and endpoint compromise attempts.

- Provide Level 1 and Level 2 support for EDR-related security events and escalations.

- Document incidents, root cause analysis, and mitigation steps for knowledge sharing and compliance.

- Collaborate with SOC, network security, and threat intelligence teams for coordinated defense.

- Support the development and refinement of incident response playbooks and standard operating procedures.

- Recommend improvements in endpoint security configurations and policies to strengthen security posture.

- Participate in shift-based work schedules, including evenings, nights, or weekends, to support 24x7 security operations.

Required Skills & Qualifications:

- Strong, hands-on experience with at least one of the following EDR platforms:

a. Cylance Protect and Optics

b. CrowdStrike Falcon Insight

c. SentinelOne ActiveEDR

d. Carbon Black EDR

- Solid understanding of the security incident response lifecycle and practical application in real-world environments.

- Experience with malware analysis and endpoint forensics.

- Strong knowledge of Windows endpoint internals, logs, and threat detection techniques.

- Proficiency in cybersecurity concepts: cyber security, network security, web application security.

- Excellent analytical, troubleshooting, and problem-solving skills.

- Ability to communicate findings clearly with both technical and non-technical stakeholders.

- Willingness to work flexible shifts to support a global security operations model.

Preferred Qualifications (Good to Have):

- Relevant certifications such as CEH, GCIH, GCFA, or Security+.

- Exposure to SIEM tools and integration with EDR platforms.

- Familiarity with scripting (Python, PowerShell) for automation of security workflows.

- Experience in threat hunting and proactive detection techniques.

What We Offer:

- Opportunity to work with cutting-edge cybersecurity technologies.

- Dynamic and collaborative work environment.

- Exposure to diverse security use cases and global clients.

- Career growth with training and certification support.
