AV/EDR - L2 Support

Position:.AV/EDR - L2 Support

Location:Mumbai (Belapur)

WorkMode:4 Days WFO+1 Day WFH

Job type-Full Time

JD Details

Scope of Work:-

• Assist in developing security Policies & Standards and reference Architecture for AV/EDR deployment.
• Assist in formulating policies for threat detection and response in AV/EDR.
• Provide guidelines for secure implementation of AV/EDR.
• Assist in finetuning the EDR solution by providing guidance regarding response actions to be created, assist in creation of custom detection models, creation of playbooks etc.
• Analyse the EDR alerts at a high level to understand the kind of threats seen by the organisation and suggest preventive methods to reduce the same.
• Have close coordination with IT and SOC team regarding the alerts observed and suggest process improvements to reduce the alert count.
• Suggest whitelisting of alerts based on analysis of alerts, in case they are false positives are activities which are required for business requirement.
• Proactive analysis of platform technologies for secure deployments, secure configurations against Global Security Best Practices.

• Assisting platform engineering team with security inputs while designing an architecture for the Bank for Security by Design.
• Developing platform security standards and guiding solution design to meet corporate requirements.
• Assist in corrective and preventive actions in case of security incidents.
• Guidance for preventive action based on security incidents and threat landscape in the public.
• Strategize and formulate high and low-level monitoring mechanism for security posture of platform technology deployments and advise measures to improve them.
• Strategize and formulate high and low-level monitoring mechanism for Infrastructure security technology and best practices, manage the organisations Infrastructure security strategy & controls and keep abreast of new technologies and capabilities.
• Possess and maintain in-depth technical and business knowledge of AV/EDR.
• Possess broad expertise with end-point and other platform technologies like directory services, authentication services etc.
• Taking proactive measures for enhancing the security posture of the Banks IT Infrastructure by studying the vulnerabilities issued/ published by various OEMs, internal and external agencies such as CERT etc.
• Ensure service metrics relating to security and assurance that Infrastructure technology configurations are compliant.
• Produce and track metrics for the effectiveness and maturity of Infrastructure security technologies and processes.

Essential Certification:-

• Specific technical certification in Anti-malware/ EDR technology (specific OEM details shall be informed later)

Experience:-

• Minimum 7 years in above mentioned platform technologies

Looking to get Placed? Try our Placement Guarantee Plan

Get Hired
• Working experience in technical implementation of AV/EDR.
• Hands-on experience in AV and EDR
• Working experience in providing security recommendations for deployment/ management of AV/EDR.
• Experience in Inter-technology, Inter-OEM integration from security perspective.
• Proficient in creating custom rules for identifying anomalies and to create response actions.
• Proficient in Platform and endpoint security solutions
• Broad knowledge and experience in networking, authentication mechanism, cryptographic controls etc. will be preferred.

Sandboxing

• In-depth understanding and expertise in sandboxing technology, including both hardware and software-based solutions.
• Proficiency in analysing malware samples within a sandbox environment to identify malicious behaviour and assess potential threats.
• Familiarity with various operating systems (Windows, Linux, etc.) commonly used in sandboxing environments.
• Ability to incorporate threat intelligence feeds and indicators of compromise (IOCs) into sandbox configurations for proactive threat detection.
• Capability to integrate sandbox solutions with broader security infrastructure, such as SIEM (Security Information and Event Management) systems. Proficiency in developing and fine-tuning
• Sandbox policies and configurations toeffectively analyse and contain threats.
• Working experience in technical implementation of above-mentioned tools.
• Working experience in providing security recommendations for deployment/ management of platform tools.
• Proficient in Platform and PAM solutions
• Broad knowledge and experience in networking, authentication mechanism, directory services, cryptographic controls etc. will be preferred.