Endpoint Security Engineer (L1&L2)

Device Management (Endpoint) Support Engineers – L1 & L2

Location: Chennai, Hyderabad and Mumbai

Mode: work from office (5 days)

Shifts: Rotational Shifts (24x7)

Budget - L1: 6-7 LPA; L2: 15-18 LPA

Skills required (End Point Security):

• Sentinal One
• Carbon Black
• Aruba - NAC
• DAM - Imperva
• DSF - Imperva

Job Overview:

Device Management L1 and L2 Support Engineers

Required Skills (Common for Both Levels):

Basic to Intermediate understanding of:

• Networking

  : Firewalls, routing, TCP/IP, packet flow & analysis.

• Operating Systems

  : Windows, Unix/Linux/Ubuntu.

• Security Concepts

  : OWASP Top 10, vulnerability management, system hardening, CIA triad, etc.

Hands-on experience with:

• Security Tools

  :

• Network Security

  – WAF, APT, Secure Web Gateway

• Endpoint Security

  – EDR, DAM, NAC, DLP, FIM, IRM

• IAM

  – PIM, RSA

• Infrastructure & Monitoring

  – Active Directory, SIEM/SOAR, Web Application Security
• Incident, change, and problem management processes.
• Basic automation & scripting (e.g., Bash, Python), Ansible, REST API.
• Security documentation – SOPs, reports, configurations, dashboards.
• Good communication, documentation, and stakeholder coordination skills.

Key Responsibilities:

L1 Support Engineer:

• Perform daily monitoring, health checks, and first-level support of security infrastructure.
• Handle user queries and coordinate with L2/TAC teams for escalations.
• Assist in technical documentation (SOPs, daily reports, dashboards).
• Follow defined SLAs and support internal/external audit requirements.
• Work with tools like EDR, NAC, DLP, IRM, SIEM/SOAR, WAF, and endpoint security platforms.
• Participate in incident and change management.
• Contribute to the upkeep of device configurations and health monitoring.

L2 Support Engineer:

• Handle L1 escalations, perform root cause analysis, and manage issue resolution.
• Coordinate with OEM vendors for RMA, patching, and upgrades.
• Ensure SLAs are met and assist in audit readiness.
• Troubleshoot and manage tools such as EDR, DAM, NAC, DLP, FIM, IRM, WAF, Secure Web Gateway, SIEM/SOAR, and IAM tools like PIM/RSA.
• Participate in automation and optimization initiatives using scripting, Ansible, REST APIs.
• Maintain and update documentation including SOPs, configuration baselines, dashboards, and audit reports.
• Participate in capacity planning, change/problem management, and process improvement.

Experience Requirements:

• L1 Role: Experience

  : 2 to 4 years total, with at least

  1 year in security device management and operations

  .

• L2 Role: Experience

  : 4 to 6 years total, with at least

  4 years in security device management and operations

  .

Educational Qualifications:

🎓 B.E. / B.Tech / MCA or equivalent in a relevant field.

Preferred Certifications:

• Certified Endpoint Protection Professional
• Network Security Certified Professional
• CEH, CISM, CISSP (for L2)
• ITIL, COBIT, ISO 27001

--

Kirti Rustagi

kirti.rustagi@raspl.com