L3 EDR SME

7 - 9 years

6 - 7 Lacs

Posted: 5 days ago | Platform: GlassDoor


Work Mode

On-site

Job Type

Part Time

Job Description

    7 - 9 Years
    1 Opening
    Chennai, Noida, Trivandrum


Role description

Role Proficiency:

Provide support for a specific SIEM or EDR technology for global customers, ensuring the platform is maintained and functioning as expected. Independently monitor the platform and proactively take ownership of the resolution of issues and work items.

Outcomes:

  • Monitor, investigate and provide meaningful resolution of tickets and issues across multiple customers for the specified SIEM or EDR type. Escalate issues to a team member where appropriate to ensure optimal performance of the supported platform.
  • Assist with service requests for the platform, such as access requests, as well as more targeted requests for specific platform modules, such as dashboard creation and query support. Investigate larger issues to ensure optimal service for internal and external stakeholders.
  • Assist with maintenance activities to build understanding of the architecture of the supported platforms, and undertake self-study to build proficiency in the supported toolsets.
  • Proactively develop and maintain documentation and knowledge articles related to customer support for the broader team.
  • Generate relevant reporting for the supported platforms on a regular basis, ensuring internal and external reporting requirements are met.
  • Ensure in-life requests are actioned in a timely manner, for self as well as junior roles, to ensure effective maintenance and management of the customer platform.
  • With minimal supervision, support other platform engineers where required by taking ownership of issues and ensuring requests are rectified, focusing on the impact to the customer.
  • Provide supervision and guidance to junior members of the team.

Measures of Outcomes:

  • Percent of adherence to processes and methodologies
    a. Percent of adherence to SLAs for in-life ticketing processes
    b. Percent of adherence to workflows and completeness of audit trails for activities undertaken
  • Productivity score maintained
    a. Number of issues identified early when there are problems delivering tasks or workload
    b. Number of escalations raised during triage with effective supporting evidence
  • Number of opportunities identified to enhance change documentation so that processes remain relevant for the broader team
  • Number of relevant skill-related training and development activities undertaken, evidenced by certification
  • Number of opportunities identified and implemented to reduce false positives

Outputs Expected:

Technical Expertise:

  • Demonstrate comprehension of and experience in the specific SIEM or EDR platform the engineer is working on.
  • Comfortable with and aware of the customers being supported; capable of supporting high-level customer QBR (Quarterly Business Review) preparation.
  • Identify and implement technical solutions to issues with queries, rules, dashboards and data feeds.
  • Provide input on customer requirements or issues, i.e. the ability to translate a customer requirement into a technical solution describing how it could be achieved in the respective platform.
  • Provide support to junior members.


Platform Management – Incidents and Requests:

  • Provide accurate updates to the appropriate Service and Change Requests, ensuring audit trails are preserved and SLAs are achieved.
  • Take the lead in identifying issues with the specified platform type or its supporting infrastructure.
  • Proactively identify issues through behavioural analysis and pattern recognition, with suggestions for resolution.
  • Provide support to junior members.


Stakeholder Focus:

  • Ensure relevant reporting metrics and customer information are provided in a timely manner, engaging the customer, TAM or project team where required.
  • Ensure customer-specific processes are followed.
  • Undertake mandatory and proactive learning and development opportunities.

Skill Examples:

  • Good communication skills.
  • Willingness to undergo background checks/validation to ensure integrity.
  • Ability to work unsupervised with the assigned SIEM or EDR technologies and their supporting infrastructure.
  • Ability to work from the CLI.
  • Ability to work with multiple query languages.
  • Aptitude for querying data and understanding the role of a SIEM/EDR.
  • Analytical skills applied across multiple technologies and customers.

Knowledge Examples:

  • Experience in a Security Operations and/or EDR/SIEM platform management role.
  • A deep understanding of the workings of the supported toolsets and technologies.
  • Knowledge of IT infrastructure and basic networking concepts.
  • Knowledge of the MITRE ATT&CK framework and how it can be applied to use cases.
  • Knowledge of creating detection rules and of improving and enhancing SIEM/EDR content.
  • Knowledge of big data and data manipulation.
  • Desirable: certifications in IT infrastructure / SIEM / EDR / ethical hacking.
  • Desirable: academic qualifications, and/or relevant work experience in lieu of qualifications.

Additional Comments:

Role Overview: We are looking for a highly skilled and motivated L3 EDR Subject Matter Expert (SME) to join our Managed EDR (MEDR) team. The SME will play a key role in managing, optimizing, and evolving enterprise-grade EDR/XDR platforms across multiple client environments. This role demands strong technical expertise, analytical thinking, and a proactive approach to improving platform performance, automation, and service delivery.

Key Responsibilities:

Platform Administration & Optimization

  • Own the administration, configuration, and tuning of EDR/XDR platforms (e.g., Microsoft Defender, Cybereason, SentinelOne, CrowdStrike).
  • Maintain and optimize policies, exclusions, and performance baselines.
  • Conduct regular platform health checks, upgrades, and patch validations.
  • Manage multi-tenant or multi-client environments within SaaS/Hybrid EDR deployments.

Incident Support & Advanced Troubleshooting

  • Serve as the highest escalation point (L3) for complex platform or endpoint issues.
  • Collaborate with SOC teams during critical incidents for technical deep-dive analysis.
  • Perform root cause analysis and provide platform-level remediations.

Automation & Operational Excellence

  • Develop scripts or playbooks (PowerShell, Python, API integrations) to automate repetitive administrative tasks.
  • Identify areas for process improvement to enhance the speed, efficiency, and reliability of the MEDR service.

Service Delivery & Client Support

  • Work closely with client security teams and product owners for change management, onboarding, and continuous improvement.
  • Create and maintain detailed operational documentation, SOPs, and configuration baselines.
  • Provide technical inputs during service reviews and roadmap discussions.

Security Engineering & Continuous Improvement

  • Contribute to EDR policy enhancements, integration with SIEM/SOAR tools, and telemetry enrichment.
  • Research and test new EDR features, threat detection techniques, and best practices.
  • Mentor L1/L2 analysts and guide them on advanced EDR operations.
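The responsibilities above include maintaining and optimizing exclusions, and the check a practitioner would run first in that role is an exclusion audit: overly broad exclusions (drive roots, user-writable directories, living-off-the-land binaries, executable file extensions) are the usual way an EDR gets quietly blinded without anyone touching a detection rule. The script below is an added example written for this page, not UST's tooling or any vendor's API; it assumes the tenant's exclusions have already been exported and normalised into simple type/value records (the sample list is constructed) and flags the risky patterns regardless of which platform produced them.

```python
import re

# Constructed sample export of an EDR exclusion list (hypothetical, not a real tenant).
# Each record is normalised to a type (path / process / extension) and a value; converting
# the real platform's export into this shape is assumed to have happened already.
SAMPLE_EXCLUSIONS = [
    {"type": "path", "value": "C:\\Program Files\\Vendor\\agent.exe"},   # narrow, acceptable
    {"type": "path", "value": "C:\\Users\\*\\AppData\\Local\\Temp\\*"},  # user-writable and recursive
    {"type": "path", "value": "C:\\"},                                   # whole volume
    {"type": "process", "value": "powershell.exe"},                      # living-off-the-land binary
    {"type": "extension", "value": "*.dll"},                             # executable content
    {"type": "path", "value": "D:\\Backups\\Veeam\\"},                   # application-specific, acceptable
]

# Directories that interactive users or low-privileged services can normally write to.
USER_WRITABLE_PREFIXES = (
    "c:\\users\\",
    "c:\\programdata\\",
    "c:\\windows\\temp\\",
    "c:\\temp\\",
)

# Living-off-the-land binaries: excluding the process hides everything it spawns or loads.
LOLBINS = {
    "powershell.exe", "pwsh.exe", "cmd.exe", "rundll32.exe", "regsvr32.exe",
    "mshta.exe", "wscript.exe", "cscript.exe", "certutil.exe", "msbuild.exe",
}

# Extension exclusions that cover executable or scriptable content.
EXECUTABLE_EXTENSIONS = {
    "*", "*.exe", "*.dll", "*.ps1", "*.js", "*.vbs", "*.bat", "*.cmd", "*.scr", "*.hta",
}

DRIVE_ROOT = re.compile(r"[a-z]:\\?\*?")  # matches "c:", "c:\" and "c:\*"


def assess(exclusion):
    """Return human-readable findings for one exclusion record; an empty list means acceptable."""
    kind = exclusion["type"]
    value = exclusion["value"].lower()
    findings = []

    if kind == "path":
        if DRIVE_ROOT.fullmatch(value) or value in ("*", "\\"):
            findings.append("drive-root or wildcard-only path exclusion disables scanning for a whole volume")
        for prefix in USER_WRITABLE_PREFIXES:
            if value.startswith(prefix):
                findings.append(f"user-writable location ({prefix}): any user can stage a payload here")
                break
        if value.endswith("*"):
            findings.append("recursive wildcard excludes every file beneath the directory")
    elif kind == "process":
        name = value.rsplit("\\", 1)[-1]  # accept full paths as well as bare image names
        if name in LOLBINS:
            findings.append("process exclusion for a living-off-the-land binary hides its child activity")
    elif kind == "extension":
        if value in EXECUTABLE_EXTENSIONS:
            findings.append("extension exclusion covers executable or scriptable content")

    return findings


def audit(exclusions):
    """Return only the records that raise findings, each with its findings attached."""
    report = []
    for record in exclusions:
        findings = assess(record)
        if findings:
            report.append({**record, "findings": findings})
    return report


if __name__ == "__main__":
    for entry in audit(SAMPLE_EXCLUSIONS):
        print(f"[{entry['type']}] {entry['value']}")
        for finding in entry["findings"]:
            print(f"    - {finding}")
```

Point it at a real export by replacing SAMPLE_EXCLUSIONS; every finding it raises should end up either with a documented business justification attached to the exclusion or as a change request to narrow the entry to a specific file, signer or process.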

Required Skills & Qualifications:

  • Strong hands-on experience with Cybereason, Microsoft Defender for Endpoint, SentinelOne, CrowdStrike, or Cortex XDR (at least two mandatory).
  • Deep understanding of endpoint security architecture, EDR telemetry, and threat hunting workflows.
  • Experience in policy fine-tuning, device group management, automation (PowerShell, Python), and API-based integrations.
  • Knowledge of Windows, macOS, and Linux endpoint internals and troubleshooting.
  • Familiarity with MITRE ATT&CK, incident lifecycle, and EDR-SIEM integrations.
  • Excellent documentation, communication, and cross-functional collaboration skills.
  • Strong analytical and problem-solving skills.
  • Ownership mindset with ability to operate independently.
  • Mentorship and knowledge-sharing orientation.
  • Continuous learner attitude towards emerging EDR and XDR technologies.

Skills

SentinelOne, EDR, CrowdStrike, Cybereason

About UST

UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.

UST Global | Information Technology Services | Oxnard
