Endpoint protection Engineer

Job Summary

The Endpoint Protection L3 position specializing Microsoft Defender, is a technical role responsible for managing and supporting the Endpoint security infrastructure.

Managing and maintaining the Microsoft Defender security infrastructure, which includes deploying and configuring the software, managing policies, and ensuring that the system is up-to-date with the latest patches and updates.

Troubleshooting and resolving Endpoint security issues, which may include investigating security incidents, analyzing logs, and working with other teams to identify and remediate security vulnerabilities.

Developing and implementing Endpoint security best practices, including creating and updating policies, procedures, and guidelines for the use of Endpoint security tools and technologies.

Participating in security audits and assessments, including reviewing, and analyzing Endpoint security logs and reports, and working with compliance team to address any identified issues or vulnerabilities.

Providing training and support to team members on Endpoint security tools and technologies, and promoting security awareness and best practices throughout the organization.

Collaborating with other ITteams, such as network and infrastructure teams, to ensure that Endpoint security is integrated with other IT systems and technologies.

Expertise in PowerShell/bash scripting and creating visually appealing dashboards using PowerBI. Experience in automating manual processes and ensuring the efficient operation of our endpoint protection systems.

Overall, the Endpoint Protection L3 position requires a strong technical background in Endpoint security, with experience in managing and supporting Microsoft Defender security suite, and automating manual process using scripting. The role also requires excellent communication and collaboration skills, as well as the ability to work independently and manage multiple tasks and priorities.

Functional responsibilities

• Ensure escalations from Operation /Customer/Cross teams are handled well and on time (Incidents and Events).
• Responsible for Project Deliverables
• Managing Task
• Problem Management
• Change Management
• Incident Management
• Configuration (CMDB/ inventory) Management
• Capacity planning, performance tuning
• To document /SOP/Documents/How to's
• To Build and maintain Knowledge Base for UCB
• Technical Team Building
• Daily Meet with the Team
• Knowledge Transfer/ Mentor/ Coaching
• Technical discussion
• Design, Test and implement Microsoft Endpoint Security related technologies
• Develop and maintain PowerShell scripts to automate manual processes, streamline workflows, and enhance operational efficiency.
• Conduct regular assessments of endpoint security configurations, policies, and procedures, and implement necessary updates.
• Provide L3 support for endpoint protection-related incidents, troubleshooting complex issues, and resolving them in a timely manner.
• Stay up-to-date with industry trends and best practices in endpoint protection, threat intelligence, and cybersecurity.
• Mentor and provide guidance to junior members of the team, sharing your knowledge and expertise.
• Check system logs for errors and take necessary actions to restore normal service (troubleshooting, escalation to system owner/local system admins...)
• Will be a member of Service Restoration Team during an emergency situation
• Plan and implement Disaster Recovery solutions
• Testing and implementing application related updates and service packs
• Responsible for transitioning support to Operations
• Training and mentoring cross teams
• Provide support for validation activities by running required protocols (Installation Qualification, Operational Qualification...) on the Endpoint Security Infrastructure.
• Open support calls with Microsoft/3rd party vendor Support if required.
• Provide regular reporting on infrastructure status: Endpoint Security agent's version, Security products versions and etc.
• Create and customize dashboards using PowerBI or similar visualization tools, providing insightful visual representations of endpoint protection metrics and trends based on customer requirements.

Job Qualifications

Education

Minimum qualification Graduate /B. E / B. Tech/ Diploma (Full Time)

Certifications

Latest Certification on cyber security will be added advantage (not mandatory).

Experience

7 - 10 years' experience, in which at least 5+ years direct work experience with Enterprise grade Endpoint Security products, like Microsoft Defender suite, McAfee Endpoint security suite.

Hands on experience on Latest technologies: Microsoft Defender Antivirus, Bitlocker, Credential Guard, Application Guard, Applocker, Defender for Endpoint, Defender for Cloud Apps is required

Extensive knowledge of call logging system (BMC Remedy etc.)

Mandatory Skills

Excellent analytical and communication skills, a creative mind, and a problem-solving attitude Team-player attitude but you can work independently

Worked on Endpoints for examples Laptops, Workstations, servers etc

Hands-on experience in automating using powershell/bash/visual basic scripting Hands-on experience in creating and customizing dashboards using PowerBI.

Strong knowledge of KQL (Kusto Query Language) for querying and analyzing large datasets.

Proficiency in scripting languages (e.g., Python, PowerShell) for automation and data manipulation.

Expected Qualities

• Good communication skills (Good in spoken and written English. Neutral English Accent
• Guardian of IT established rules and intend to provide accurate, uniform, and high-quality information to the end-users.
• Proactive.
• Multi-tasking, "curious" and constantly willing to learn new stuff to be constantly involved in IT needs.
• Willingness to take initiative and Self-driven.
• Ability to communicate and work with people from across the world