Senior Security Operations Engineer - Endpoint Detection & Response

As a Security Operations (Cyber Security) professional, your role will involve leading a team of security analysts on an 8-hour rotational shift schedule. Your primary responsibilities will include conducting real-time security monitoring, responding to incidents across various networks, and maintaining support for the group's infrastructure to ensure service levels meet expectations. You will also be tasked with developing and managing Security Information and Event Management (SIEM) use cases, identifying and documenting incidents through proactive threat hunting procedures, and executing vulnerability assessments within the company's network infrastructure. Key Responsibilities: - Lead a team of security analysts through an 8-hour rotational shift schedule - Conduct real-time security monitoring and respond to incidents across various networks - Maintain support for the group's infrastructure to ensure service levels meet expectations - Develop and manage Security Information and Event Management (SIEM) use cases - Identify and document incidents through proactive threat hunting procedures - Execute vulnerability assessments within the company's network infrastructure - Design and refine the Incident Response Playbook for improved reaction protocols - Conduct thorough post-incident analyses to enhance and fine-tune the company's incident response processes - Scout for innovative control measures and solutions to bolster security - Actively offer innovative suggestions to advance the performance of the company's IT services - Promptly address incidents and service requests in accordance with established Service Level Agreements (SLAs) - Provide technical support for the company's security infrastructure, including SIEM, VPN, Antivirus, Endpoint Detection & Response (EDR), and Endpoint Management Systems - Possess a strong understanding of Windows/macOS operating systems - Monitor and manage security incidents for the company's headquarters and subsidiary companies - Employ creative problem-solving skills during security incidents and alert investigations - Undertake additional tasks such as generating monthly vulnerability reports, conducting ticket hygiene checks, and fostering process improvements Qualifications Required: - Strong understanding of Windows/macOS operating systems - Knowledge of integrating devices with Azure Active Directory and managing device enrollment with Microsoft Intune - Configuration experience with Microsoft Defender for endpoint protection As a key member of the Global IT team, your success will be measured by your ability to successfully resolve security incidents, infrastructure support, and service requests within SLAs. Additionally, your contribution towards improving processes, systems, and services provided by the company's IT will be crucial for achieving critical success factors.,