Secops L3

18 Nov 2024

Vacancy expired!

PETADATA is looking for a Secops L3 to work with one of our clients.

Job Location: Raleigh, NC (After COVID On-Site)

Work Authorization: W2, Full-time

Visa: H1B Visa, TN Visa, US Citizen, Green Card

Roles & Responsibilities:
  • The candidate should be able to proactively manage and maintain Endpoint Security Systems (Anti-Virus platforms, ATP and EDR).
  • Should be able to review customer and internal Endpoint Security Systems to maintain security compliance.
  • Must be able to perform an in-depth analysis of endpoint solutions for detection and response of Phishing/SPAM Emails.
  • Must have hands-on experience in operational support & maintenance for endpoint security solutions (e.g., Anti-Virus, Host Firewall, Forensics-based tools, Privilege management, application whitelisting, EDR).
  • Candidates should upgrade and patch Antivirus security platform products to the latest versions.
  • Should lead significant SOC projects focused on enhancements to detection and incident response capabilities and other improvements to SOC workflow/automation/process/documentation.
  • Candidates must architect security solutions, including cyber response automation, threat intelligence, user analytics, security infrastructure technologies, and application/software protections.
  • Must have the experience to serve as an escalation point for Threat analysts and complex/unusual alerts/cases/requests/incidents.
  • Should be able to evaluate gaps and assign training for Threat analysts to ensure consistent quality in response.
  • Candidates should conduct performance reviews and develop growth strategies for direct reports.
  • Must be able to develop and manage metrics based on operational load, process effectiveness, and supportability of the SOC.
  • Should provide management oversight of Incidents and manage shifts.
  • Strong verbal and written communication is a must to be able to deliver complex topics.

Required Skills:
  • Candidates must have a deep understanding of cybersecurity threats, vulnerabilities, controls, and remediation strategies in a complex, federated enterprise environment.
  • Must have hands-on experience with any of these tools: Microsoft Defender ATP, Trend Micro Antivirus, Carbon Black, CrowdStrike, and SentinelOne EDR.
  • Should have experience working with EDR or incident response toolkits, developing custom use cases, and fine-tuning the correlation rules.
  • Must be well versed in cybersecurity management, including security controls architecture, incident preparedness and response, threat intelligence, vulnerability management, and security event analytics and correlation.
  • Should possess excellent awareness of configuring policies and exclusions.
  • Hands-on experience in Information security concepts or areas such as incident management, security operations, vulnerability management, identity and access management, or network security.
  • The candidate should have experience in leading and advising clients on security to include risk, governance, technology, regulatory drivers, and IT security and frameworks such as NIST, ISO, and ITIL standards.
  • Should be able to understand security audit standards, articulate market trends, and understand the competitive landscape.
  • Should have demonstrated experience in building and managing a practice. Should be able to work with Security team members who will be communicating with other teams (Hybrid Cloud, Digital Workplace, DevOps, etc.) for integrated security offerings.
  • Must have demonstrated knowledge of common adversary tactics, techniques, and procedures, and have the ability to increase the effectiveness of Security Incident management.
  • Should have a good understanding of Information Security compliance regulations, frameworks, and requirements (PCI, SOX, HIPAA).
  • Must have a team-focused mentality with the proven ability to work effectively with diverse stakeholders.
  • Relevant Technical Security Certifications (e.g., GIAC, CISSP, EC-Council, Offensive Security, etc.) are a plus.
  • Must have excellent communication, documentation, and customer-facing skills.

Primary Skills – Endpoint Security, EDR and Email Security, SIEM (SecureWorks), SOAR, Threat Intelligence

Secondary Skills – Patching, IDAM, Network Security, Web Security (Content/URL filtering), and Vulnerability Management

Preferred Qualifications:
  • Bachelor's/Master's degree in Computer Science, Engineering, or a related field.
  • Candidates should have 12+ years of experience planning, designing, and implementing Endpoint Detection & Response (EDR) solutions.
  • The candidate should have 7+ years of experience with Azure and AWS Cloud technology.

If you are interested and meet the above job requirements, please submit your resume to hanumana@petadata.co

After carefully reviewing your experience and skills, one of our Hiring team members will contact you on the next steps.

  • ID: #22953630
  • State: North Carolina, Raleigh / Durham / CH 27601, USA
  • City: Raleigh / Durham / CH
  • Salary: Depends on Experience
  • Job type: Permanent
  • Showed: 2021-11-18
  • Deadline: 2022-01-16
  • Category: Security