About the Role

We are in search of a skilled and experienced Endpoint Security Engineer. This role will focus exclusively on the management of the endpoint security product in daily operations. Candidate will ensure the security and functionality of EDR services, assist in the resolution of issues and the implementation of best practices. The candidate will handle the daily issue with EDR with end users and take necessary actions based on the ITIL process. Closely working with Level 2 engineers and other cybersecurity professionals to resolve complex issues and ensure that EDR tools are functioning optimally.

Key Roles & Responsibilities:

Administration and BAU Operations

• Monitor EDR dashboards and alerts to detect security threats and anomalies.
• Perform initial triage, investigation, and response to endpoint security incidents.
• Ensure EDR agent health, updates, and policy enforcement across all managed devices.
• Collaborate with team to escalate unresolved security threats and incidents to L3 teams

Device Management & Security Enforcement:

• Deploy, configure, and maintain EDR agents on Windows, macOS, and Linux endpoints.
• Assist in managing endpoint policies, exclusions, and security configurations.
• Ensure endpoint compliance with security standards and industry best practices.
• Troubleshoot agent installation, connectivity, and performance issues.

Incident & Problem Management:

• Investigate and resolve EDR-related issues, coordinating with IT and security teams.
• Assist in Root Cause Analysis (RCA) and remediation of endpoint security incidents.
• Document and escalate persistent issues to L3 engineers or vendor support.

Reporting & Compliance:

• Generate reports on EDR agent status, threat detections, and remediation actions.
• Support compliance audits by providing endpoint security logs and configurations.
• Follow change management and ITIL processes for security updates and policy changes.

Basic Qualifications:

• Bachelor’s degree in Cybersecurity, Computer Science, or related field.
• Security certifications such as CrowdStrike CCFA, Trellix Certified Specialist, CompTIA Security+, or Microsoft Security Certifications (preferred).
• 1 to 3 years of experience in EDR operations, endpoint security, and device management.
• Hands-on experience with either or Trellix, CrowdStrike Falcon, and Secure Cloud EDR solutions.
• Knowledge of malware detection, forensic analysis, and threat intelligence.
• Familiarity with SIEM integration, endpoint compliance, and security policies.
• Basic scripting knowledge (PowerShell, Python, Bash) for automation (preferred).
• Strong problem-solving and troubleshooting skills.
• Good communication and teamwork abilities.
• Ability to work in rotational shifts (if required) and handle security incidents.

Preferred Qualifications

• Bachelor’s degree, in computer science, or information technology
• ITIL Foundation
• Experience with working in shifts and handling multiple client deployments