Looking for a workplace where people realize their full potential, are recognized for the impact they make, and enjoy the company of the peers they work with? Welcome to Zensar! Read on for more details on the role and about us.
What's this role about?
Deploying, managing, troubleshooting, and leveraging the SentinelOne platform to strengthen an organization's cybersecurity posture.
Key Responsibilities:
Responsibilities for the role using the SentinelOne platform include:
- Deployment & Configuration: Leading the implementation and rollout of SentinelOne agents across various endpoints, servers, and cloud workloads.
- Policy Management: Designing, implementing, and maintaining detection and response policies, tuning to reduce false positives while ensuring maximum threat coverage.
- Monitoring & Response: Monitoring and triaging alerts, performing advanced threat hunting, and coordinating incident response activities with SOC (Security Operations Center) and Incident Response teams.
- Integration & Automation: Integrating the SentinelOne platform with other security tools like SIEM (Splunk, Microsoft Sentinel) and SOAR platforms using APIs and scripting languages (PowerShell, Python).
- Troubleshooting & Maintenance: Conducting L3-level troubleshooting for agent performance, connectivity issues, and policy conflicts. Leading upgrade planning for new console and agent versions.
- Documentation & Training: Creating and maintaining internal documentation, solutions, and best practices. Mentoring junior analysts and engineers on the platform's usage.
Required Skills and Qualifications
Candidates need a blend of cybersecurity knowledge and technical skills:
- Experience: 5+ years of experience in endpoint security, security operations, or incident response, with significant hands-on experience using SentinelOne Singularity EDR (Endpoint Detection and Response) or other similar EDR platforms.
- Technical Knowledge: Strong understanding of Windows, macOS, and Linux operating systems, as well as endpoint threat detection and prevention methodologies.
- Cybersecurity Frameworks: Familiarity with cybersecurity concepts like the Cyber Kill Chain, IOC (Indicator of Compromise) analysis, and the MITRE ATT&CK framework.
- Scripting: Proficiency in scripting languages (e.g., Python, PowerShell) for data collection, automation, and tool development.
- Communication: Excellent communication skills to effectively collaborate with cross-functional teams and potentially interact with customers or leadership for reporting and audits.
- Certifications: Relevant security certifications (e.g., GCED, GCFA, SANS certifications) or SentinelOne-specific certifications are preferred.