Cira Tek
Create Better It Solutions
Full Time
Illinois, Springfield
Posted 2 years ago
Responsibilities:
- Provide administration and operational support for endpoint security technology covering EDR (Endpoint Detection and Response), Anti-virus & DLP solutions
- Follow release management processes and best practices for deployment, enhancements and upgrades.
- Provide Subject Matter Expertise and demonstrate in-depth understanding of the TTPs (Tactics, Techniques and Procedures) used by threat actors against endpoints. Leverage EDR, Next-Gen AV and other security controls to protect systems against internal and external threats.
- Work closely with Security operations center and other security groups during investigations.
- Demonstrate mastery in log file analysis, fault isolation and diagnostic/assessment actions including root cause analysis, followed by the determination and self-directed execution of corrective actions.
- Employ and leverage APIs when applicable to aggregate & enhance data to safeguard systems.
- Drive automation efforts to continuously monitor and maintain security posture of operating systems.
- Stay current on endpoint security best practices, active threats and mitigation strategies.
- Draft & execute the strategy to enhance the investments in current technologies and drive continuous innovation with new ideas to improve and mature endpoint security posture.
- Aggregate data across disparate platforms to design and develop alerting.
- Maintain metrics and supporting analytics on System and endpoint Security.
- Manage a portfolio of application-related projects and directly manage select projects within that portfolio.
Qualifications:
- 5+ years of demonstrable and hands experience with endpoint security technologies
- Hands on experience with EDR technologies is a MUST for this position.
- Demonstrated in-depth understanding of operating system (OS) internals, the mechanics of OS exploits with preventive and detective controls
- Demonstrated experience in investigating security incidents with ability to analyze logs to uncover details of the compromise, systems involved, threat techniques etc.
- Experience with scripting like Python, PowerShell etc., is highly preferred
- Knowledge of Splunk search language is preferred.
- Experience in creating trending, metrics, and management reports
- Strong interpersonal & communication skills working with remote peers over IM, phone & video.
- Experience working within the Financial Services Industry preferred
- Demonstrated ability to provide technical direction to other peer staff members, and to train new junior staff members on the security team
- Ability to elicit confidence and build rapport across multiple disciplines.
- Self-motivated; able to learn on own initiative
- Strong skills in organizing workflow, ideas & materials
- Excellent documentation skills
- Security certifications like Ethical Hacking or other specialized endpoint security certifications are preferred
- S in Technology or Related area (proven experience can be used as a substitute).