Job Details:
Role: Endpoint Security Engineer
Work Location: Belapur, Navi Mumbai (Client Location – Banking Client)
Experience Required: 7+ Yrs
Company: Happiest Minds Technologies (Permanent/Full Time)
Mode of Work: Work from Office
Note: 1st & 3rd Saturdays of Every Month also working day (from office)
Deep Security/TrendMicro Apex One/Apex One SaaS/Vision One
Malware Analysis
Sandboxing
Ansible Playbooks
Antivirus
Experience
- Minimum 7 years in the above-mentioned platform technologies
- Working experience in technical implementation of AV/EDR.
- Hands-on experience in AV and EDR
- Working experience in providing security recommendations for deployment/ management of AV/EDR.
- Experience in Inter-technology, Inter-OEM integration from security perspective.
- Proficient in creating custom rules for identifying anomalies and to create response actions.
- Proficient in Platform and endpoint security solutions
- Broad knowledge and experience in networking, authentication mechanism, cryptographic controls etc. will be preferred.
Sandboxing
- In-depth understanding and expertise in sandboxing technology, including both hardware and software-based solutions.
- Proficiency in analysing malware samples within a sandbox environment to identify malicious behaviour and assess potential threats.
- Familiarity with various operating systems (Windows, Linux, etc.) commonly used in sandboxing environments.
- Ability to incorporate threat intelligence feeds and indicators of compromise (IOCs) into sandbox configurations for proactive threat detection.
- Capability to integrate sandbox solutions with broader security infrastructure, such as SIEM (Security Information and Event Management) systems.
- Proficiency in developing and fine-tuning sandbox policies and configurations to effectively analyse and contain threats.
- Working experience in technical implementation of above-mentioned tools.
- Working experience in providing security recommendations for deployment/ management of platform tools.
- Proficient in Platform and PAM solutions
- Broad knowledge and experience in networking, authentication mechanism, directory services, cryptographic controls etc. will be preferred.
Essential Certification
- Specific technical certification in Anti-malware/ EDR technology (specific OEM details shall be informed later)
Roles and Responsibilities (Scope of Work)
- Assist in developing security Policies & Standards and reference Architecture for AV/EDR deployment.
- Assist in formulating policies for threat detection and response in AV/EDR.
- Provide guidelines for secure implementation of AV/EDR.
- Assist in fine-tuning the EDR solution by providing guidance on the response actions to be created, and assist in the creation of custom detection models, playbooks etc.
- Analyse the EDR alerts at a high level to understand the kind of threats seen by the organisation and suggest preventive methods to reduce the same.
- Have close coordination with IT and SOC team regarding the alerts observed and suggest process improvements to reduce the alert count.
- Suggest whitelisting of alerts based on analysis of the alerts, in case they are false positives or activities which are required for business purposes.
- Proactive analysis of platform technologies for secure deployments, secure configurations against Global Security Best Practices.
- Assisting platform engineering team with security inputs while designing an architecture for the Bank for Security by Design.
- Developing platform security standards and guiding solution design to meet corporate requirements.
- Assist in corrective and preventive actions in case of security incidents.
- Provide guidance on preventive action based on security incidents and the publicly known threat landscape.
- Strategize and formulate high- and low-level monitoring mechanisms for the security posture of platform technology deployments and advise measures to improve them.
- Strategize and formulate high- and low-level monitoring mechanisms for Infrastructure security technology and best practices, manage the organisation's Infrastructure security strategy & controls and keep abreast of new technologies and capabilities.
- Possess and maintain in-depth technical and business knowledge of AV/EDR.
- Possess broad expertise with end-point and other platform technologies like directory services, authentication services etc.
- Taking proactive measures for enhancing the security posture of the Bank's IT Infrastructure by studying the vulnerabilities issued/ published by various OEMs, internal and external agencies such as CERT etc.
- Ensure service metrics relating to security are met and provide assurance that Infrastructure technology configurations are compliant.
- Produce and track metrics for the effectiveness and maturity of Infrastructure security technologies and processes.