5 Edr Solutions Jobs

About this role: Wells Fargo is seeking a Information Secuity Engineer. In this role, you will: Participate in security consulting on small projects for internal clients to ensure uniformity with corporate information, security policy, and standards Track or remediate vulnerabilities and security issues Review and correlate security logs Assist with the design, documentation, testing, maintenance, and troubleshooting of security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security Provide technical support for security related issues Utilize industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals Interface with more experienced technologists Required Qualifications: 2+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: Exposure and hands-on experience with EDR solutions such as CrowdStrike, Tanium. Microsoft Azure Certifications(AZ-500/ AZ-900) Any other Cloud Certifications Job Expectations: To be part of the Cyber Threat Management team with a focus on delivering engineering and support for Endpoint Detection and Response Capabilities, File Integrity Monitoring and Compliance programs to aid the business with Risk Management initiatives. Manage and Maintain the Infrastructure for Enterprise Endpoint Detection and Response Solution Sound knowledge of Windows, Linux , AIX server operating systems Incident Handling and troubleshooting of performance issues on Server and ensuring System uptime Build and Deployment of Enterprise Endpoint Detection and Response Solution Collaborate with security solution vendors, software engineers, platform teams and cybersecurity teams to support development and production environments Maintain and develop procedure and knowledgebase documents Manage Health of the Enterprise Endpoint Detection and Response Solution Perform Compliance checks in keeping with requirements for the Enterprise Endpoint Detection and Response Solution Participate and perform Business and Resiliency tests Regular and proactive discovery, assessment, engagement, remediation, and mitigation of exploitable cyber vulnerabilities and cyber attacks within the Enterprise computing ecosystem.

As an Endpoint Security Engineer at our organization based in Hyderabad, you will play a crucial role in implementing, managing, and maintaining security solutions for all endpoint devices. Your responsibilities will include designing and implementing endpoint security strategies to safeguard against various threats, managing and configuring endpoint security tools, monitoring security alerts, conducting vulnerability assessments, performing endpoint security audits, and developing and enforcing security policies. You will collaborate with other security teams to ensure a comprehensive approach to securing endpoints and provide guidance and training to employees on best practices for endpoint security. Additionally, you will generate reports on endpoint security posture, incident metrics, patch compliance, and threat landscape. We are looking for a candidate with a strong background in endpoint security, cybersecurity, or related fields, experience with EDR solutions, proficiency in managing endpoint protection platforms, hands-on experience with vulnerability management and patching systems, and knowledge of mobile device management and data loss prevention technologies. Familiarity with endpoint forensics, malware analysis, SIEM tools, operating systems, networking protocols, and network security technologies is also required. The ideal candidate should possess excellent communication and interpersonal skills, attention to detail, ability to work independently, and analyze and respond to security incidents effectively. This is a full-time position with occasional on-call support required for incident management and collaboration with OEM Teams and Distributors. If you have experience in Endpoint Implementation, Configuration, Troubleshooting, DLP, and implementation, we encourage you to apply. The application deadline for this position is 19/07/2025.,

Key Responsibilities 1. Incident Detection and Analysis: Conduct deep-dive analysis on security incidents, assessing root causes, and recommending solutions. Proactively monitor and respond to security alerts, managing incident escalation and resolution processes. Prepare detailed reports and document incidents to support future analysis and security measures. 2. SIEM Administration and Rule Fine-Tuning: Oversee SIEM configurations, including tuning rules to optimize alerting and reduce false positives. Conduct SIEM platform upgrades, troubleshoot performance issues, and ensure platform availability. Collaborate with IT teams to integrate new data sources into SIEM and enhance visibility. 3. System and Network Security: Perform continuous monitoring and analysis across Windows and Linux systems and network infrastructures. Utilize tools for traffic analysis, anomaly detection, and threat identification. Support configurations and policies within the IT and network environment to strengthen security. 4. ELK Stack and Beats Agent Management: Manage and troubleshoot ELK Stack components (Elasticsearch, Logstash, and Kibana) to ensure seamless data flow. Perform regular maintenance and troubleshooting of beats agents, ensuring reliable log ingestion and parsing. 5. Security Policies and Compliance: Contribute to policy updates, ensuring adherence to organizational and industry compliance standards. Document and enforce security controls aligned with best practices and regulatory requirements. Skills and Qualifications Education: Bachelors degree in Information Security, Computer Science, or a related field. Experience : Minimum of 5+ years in SOC operations or a similar cybersecurity role. Proven experience in SIEM administration, incident analysis, and configuration fine-tuning. Proficiency in monitoring and troubleshooting Windows and Linux systems and managing network security protocols. o Hands-on experience with the ELK Stack, with expertise in troubleshooting beats agents. Technical Skills: Familiarity with SIEM tools (e.g., Splunk, QRadar) and network protocols. Strong command of incident response processes, security frameworks, and best practices. Knowledge of communication protocols and system integrations for data protection. Certifications (preferred): CISSP, CompTIA Security+, CEH, or similar security certifications. Competencies Strong analytical skills with attention to detail. Excellent verbal and written communication abilities. Ability to work independently and collaboratively in a fast-paced environment. Additional Preferred Skills Knowledge of regulatory compliance standards. Experience in using EDR solutions. Ability to document processes and create incident playbooks. This role offers an opportunity to work on advanced cybersecurity initiatives within a dynamic SOC environment, contributing to enhanced organizational security. Keywords SIEM administration ,incident analysis ,configuration fine-tuning, Windows ,Linux, network security protocols ,ELK Stack, troubleshooting beats agents ,Splunk,Qradar ,EDR solutions ,Cybersecurity* Mandatory Key Skills SIEM administration, incident analysis ,configuration fine-tuning, Windows, Linux,network security protocols,ELK Stack ,troubleshooting beats agents, Splunk, Qradar ,EDR solutions, Cybersecurity*

Introduction In this role, youll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology In this role, youll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your role and responsibilities Analyze and triage security incidents to determine their severity and impact on Infrastructure systems. Primary point of contact for Cyber Security Incident response in the Cyber Security Escalations team. Provide a first point of contact for L3 security escalations from the SOC team, ensuring a thorough review, escalation Required education Bachelors Degree Preferred education Masters Degree Required technical and professional expertise Conduct in-depth analysis of security events, collaborating directly with different stakeholders to escalate and thoroughly investigate incidents. Participate in Security Incident Response Team in the identification, containment, eradication, and resolution of security issues, This involves understanding the scope, impact, and root cause of incidents to tailor the response effectively, Collaborate with SOC teams to ensure effective incident response and continuous improvement. Assist in the development and refinement of SOC processes, procedures, and playbooks, Create and maintain incident reports, documenting findings, actions taken, and lessons learned Preferred technical and professional experience Stay current with emerging threats, vulnerabilities, and security technologies to proactively protect the organization. Notify Client of incident and required mitigation works. Track and update incidents and requests based on clients updates and analysis results. Good understanding on Phishing email analysis and their terminologies Having knowledge on EDR solutions (Preferred CrowdStrike), Participate in regular SOC team meetings and provide input on improving security posture. Communicate vertically and horizontally to keep stakeholders informed and involved on Security Operations matters

Position Summary We are seeking an experienced SOC Analyst to join our Security Operations team. This role demands an individual with a strong technical background in incident analysis, SIEM administration, and rule fine-tuning. The ideal candidate will have experience working with diverse environments, including Windows, Linux, and network security, and will be well-versed in ELK stack management and troubleshooting beats agents. Key Responsibilities 1. Incident Detection and Analysis: o Conduct deep-dive analysis on security incidents, assessing root causes, and recommending solutions. o Proactively monitor and respond to security alerts, managing incident escalation and resolution processes. o Prepare detailed reports and document incidents to support future analysis and security measures. 2. SIEM Administration and Rule Fine-Tuning: o Oversee SIEM configurations, including tuning rules to optimize alerting and reduce false positives. o Conduct SIEM platform upgrades, troubleshoot performance issues, and ensure platform availability. o Collaborate with IT teams to integrate new data sources into SIEM and enhance visibility. 3. System and Network Security: o Perform continuous monitoring and analysis across Windows and Linux systems and network infrastructures. o Utilize tools for traffic analysis, anomaly detection, and threat identification. o Support configurations and policies within the IT and network environment to strengthen security. 4. ELK Stack and Beats Agent Management: o Manage and troubleshoot ELK Stack components (Elasticsearch, Logstash, and Kibana) to ensure seamless data flow. o Perform regular maintenance and troubleshooting of beats agents, ensuring reliable log ingestion and parsing. 5. Security Policies and Compliance: o Contribute to policy updates, ensuring adherence to organizational and industry compliance standards. o Document and enforce security controls aligned with best practices and regulatory requirements. Skills and Qualifications Education: Bachelors degree in Information Security, Computer Science, or a related field. Experience: o Minimum of 5+ years in SOC operations or a similar cybersecurity role. o Proven experience in SIEM administration, incident analysis, and configuration fine-tuning. o Proficiency in monitoring and troubleshooting Windows and Linux systems and managing network security protocols. o Hands-on experience with the ELK Stack, with expertise in troubleshooting beats agents. Technical Skills: o Familiarity with SIEM tools (e.g., Splunk, QRadar) and network protocols. o Strong command of incident response processes, security frameworks, and best practices. o Knowledge of communication protocols and system integrations for data protection. Certifications (preferred): CISSP, CompTIA Security+, CEH, or similar security certifications. Competencies Strong analytical skills with attention to detail. Excellent verbal and written communication abilities. Ability to work independently and collaboratively in a fast-paced environment. Additional Preferred Skills Knowledge of regulatory compliance standards. Experience in using EDR solutions. Ability to document processes and create incident playbooks. This role offers an opportunity to work on advanced cybersecurity initiatives within a dynamic SOC environment, contributing to enhanced organizational security. Keywords SIEM administration,incident analysis,configuration fine-tuning,Windows,Linux,network security protocols,ELK Stack,troubleshooting beats agents,Splunk,Qradar,EDR solutions,Cybersecurity* Mandatory Key Skills SIEM administration,incident analysis,configuration fine-tuning,Windows,Linux,network security protocols,ELK Stack,troubleshooting beats agents,Splunk,Qradar,EDR solutions,Cybersecurity*