Primary Skills:
• Support during the investigation of suspected cyber security events
• Analysis and respond to the service request and incident related to security tools (Carbon Black,Armis, EDR,etc) and related policies
• Deep knowledge and hands on experience of TCP/IP suite and ICS protocols.
• Must have project excitation experience in the OT security tools like carbon black, crowdstrike, Armis, etc)
• Endpoint Detection Response (Carbon Black, CrowdStrike)
• Cyber ark design and maintenance expert level knowledge and hands on experience
.
Responsibilities:
• Supports Carbon Black Endpoint Detection and Response (EDR) applications and ensures cyber security service availability for the endpoints.
• Daily monitoring EDR & AV logs
• Monitor EDR dashboard for compliance, threats and further troubleshooting wherever required.
• Check if any incidents are missed by L1/L2 and follow up.
• Expert level of fine tune policies and provide service improve plans.
• Supporting L1 & L2 for unresolved tickets
• Advanced Policy creation & Change Management
• Evaluate risk before implementing new policies and discuss with SME
• Handling Major Incidents/Outages
• Analyse EDR Audit logs and fix upon approval.
• Conduct in-depth analysis of endpoint data and logs to identify indicators of compromise (IOC’s) and advanced attack techniques.
Minimum 7 year(s) of experience is required in OT security Tools (Carbon Black/Armies/VMDR/CrowdStrike/Cyber Arc).
