SME - EndPoint (EDR)

Job Description:

Job Title : SME - EndPoint (EDR)
Location: Bangalore
Experience: 6+ Years
Shift: 24/7 rotational shifts

Key Skill:Cortex XDR

Key Responsibilities

Implementation & Configuration

• Lead the deployment of Cortex XDR across endpoints, servers, and cloud workloads.
• Design and implement Cortex XDR architecture aligned with client security policies and compliance requirements.
• Integrate Cortex XDR with SIEM platforms, firewalls, and other security tools.
• Configure data ingestion pipelines, log sources, and telemetry collection.

Fine-Tuning & Optimization

• Develop and refine detection rules, behavioral analytics, and threat intelligence feeds.
• Customize alerting thresholds, suppression rules, and response playbooks.
• Conduct tuning workshops with stakeholders to reduce false positives and improve detection efficacy.
• Perform regular health checks and performance optimization of the Cortex XDR platform.

Project Transition & Handover

• Prepare detailed documentation for operational handover to L1/L2 SOC teams.
• Conduct knowledge transfer sessions and training for SOC analysts.
• Define and implement SOPs, runbooks, and escalation workflows.
• Ensure seamless transition of the project into BAU (Business-As-Usual) operations.

Threat Hunting & Incident Response

• Lead proactive threat hunting using Cortex XDR analytics and telemetry.
• Support investigation and remediation of advanced threats and incidents.
• Collaborate with threat intelligence teams to enrich detection capabilities.

Stakeholder Management

• Act as the primary technical point of contact for Cortex XDR-related activities.
• Liaise with client security teams, vendors, and internal stakeholders.
• Provide regular status updates, risk assessments, and improvement recommendations.