Role - IT Security Analyst/Engineer (EDR & DLP)
Location: New Jersey
JD:
Primary Responsibilities:
• Provide administration and operational support for endpoint security technologies
• Document all product related details in runbooks, design, and/or configuration documents
• Carry out regression testing and analysis with any endpoint security technologies
• Follow release management processes and best practices for deployment, enhancements, and upgrades.
• Work closely with Security operations center and other security groups during investigations.
• Demonstrate mastery in log file analysis, fault isolation and diagnostic/assessment actions including root cause analysis, followed by the determination and self-directed execution of corrective actions.
• Drive automation efforts to continuously monitor and maintain security posture of operating systems.
• Maintain metrics and supporting analytics on System and endpoint Security.
• Provide secondary assistance and operational support with EDR (Endpoint Detection and Response), Anti-virus solutions
• Stay current on endpoint security best practices, active threats and mitigation strategies.
• Draft & execute the strategy to enhance the investments in current technologies and drive continuous innovation with new ideas to improve and mature endpoint security posture.
• Aggregate data across disparate platforms to design and develop alerting.
• Manage a portfolio of application-related projects and directly manage select projects within that portfolio.
Qualifications:
• 5 years of demonstrable and hands experience with endpoint security technologies
• Hands on experience with DLP technologies is a MUST for this position
• Demonstrated in-depth understanding of operating system (OS) internals, the mechanics of OS exploits with preventive and detective controls
• Demonstrated experience in investigating security incidents with ability to analyze logs to uncover details of the compromise, systems involved, threat techniques etc.
• Experience with scripting like Python, PowerShell etc., is highly preferred
• Knowledge of Splunk search language is preferred.
• Experience in creating trending, metrics, and management reports
• Strong interpersonal & communication skills working with remote peers over IM, phone & video.
• Experience working within the Financial Services Industry preferred
• Demonstrated ability to provide technical direction to other peer staff members, and to train new junior staff members on the security team
• Ability to elicit confidence and build rapport across multiple disciplines.
• Self-motivated; able to learn on own initiative
• Strong skills in organizing workflow, ideas & materials
• Excellent documentation skills
• Security certifications like Ethical Hacking or other specialized endpoint security certifications are preferred
• B.S in Technology or Related area (proven experience can be used as a substitute).