Senior Security Engineer - EDR
- The role is responsible for providing IT security services to our customers.
- Provide senior-level support to perform in-depth investigation of L2-escalated, technology-relevant security alerts/potential violations and coordinate with the right IT personnel/users to ensure that all critical security issues are resolved in a timely manner.
- Coordinate with relevant IT personnel to ensure that all APT findings are resolved in a timely manner.
- Drive the incidents handled by the team for case study and correlation of incident-related information and events pertaining to the technology supported.
- Verify the reports produced by team members for the clients.
- Grasp the technical capabilities of EDR systems, perform occasional audits of the controls implemented, and recommend improvements for the team and clients.
- Review the deployment and current implementation of EDR systems and relevant processes, recommend improvements to the methods used, and draft action plans to present to the account team.
- Review and ensure that security policies and configurations are implemented across ATP systems as per clients' requirements.
- Support the team's implementation of changes of EDR systems via on-call standby during activity window.
- Periodically review and assess team-related processes and plans to determine the need for improvement/change, followed by an action plan and implementation.
- Support audit and compliance activities by reviewing provided evidence of infrastructure controls and presenting the information to auditors.
- Any other related work as requested by the Lead / Head to support achievement of the department's strategies and objectives.
- Bachelor's degree in computer science or equivalent.
- At least 4-6 years' experience in the cyber security industry.
- Information security related experience, in areas such as: security operations, incident analysis, incident handling, malware forensics, and security device administration.
- Experience in CERT/CSIRT activities and operations such as incident management, incident response, and malware analysis.
- Able to communicate with other non-IT and/or non-Cyber Security specialised counterparts.
- Experience with network technologies and with system, security, and network monitoring tools.
- Advanced working knowledge of various EDR/ATP technologies such as Microsoft, McAfee, FireEye, CrowdStrike, Carbon Black, and Tanium is preferred. An EDR vendor-related certification will be given additional preference.
- Experience in leading a Tier-1 SOC team will be an added advantage.
- Security-related certifications (any one of): GCIA, GCFA, GREM, CASP+, ECSA, CISM, CISA, CISSP.