L2 Security Operations Engineer – End Point Security

L2 Security Operations Engineer – End Point Security
22
Mumbai
Job Views:
Created Date: 2026-07-18
End Date: 2026-09-15
Experience: 5 - 6 years
Salary: 70000
Industry: Ed -Tech
Openings: 1
Primary Responsibilities :
Endpoint Detection & Response (EDR)
- Lead response for P1 and P2 endpoint security incidents.
- Perform advanced forensic and behavioral analysis.
- Investigate:
- Malware infections
- Ransomware attacks
- Advanced Persistent Threats (APT)
- Lateral movement
- Persistence mechanisms
- Develop and implement remediation strategies.
- Coordinate containment and eradication across affected endpoints.
- Conduct post-incident reviews and recommend preventive actions.
Trend Micro Deep Security
- Investigate advanced IPS, malware, and integrity monitoring alerts.
- Lead response to server-side security incidents.
- Evaluate and improve detection logic.
- Recommend:
- Policy tuning
- Security exclusions
- Hardening measures
- Support compliance audits and reporting related to File Integrity Monitoring (FIM).
File Integrity Monitoring (FIM)
- Perform root cause analysis for critical file change incidents.
- Identify indicators of compromise (IOC) and privilege escalation.
- Improve FIM baselines and reduce false positives.
- Support regulatory and compliance investigations.
Network Access Control (NAC)
- Investigate advanced Aruba ClearPass incidents.
- Respond to:
- Rogue devices
- Compromised endpoints
- Repeated access violations
- Recommend posture assessment improvements.
- Correlate NAC events with SIEM and endpoint security alerts.
Incident Response
- Lead technical investigations during security incidents.
- Perform endpoint forensic analysis.
- Execute containment, eradication, and recovery activities.
- Maintain incident documentation.
- Participate in incident war rooms.
SOC Leadership
- Act as technical escalation point for L1 SOC analysts.
- Develop and improve:
- SOPs
- Runbooks
- Detection playbooks
- Support SOC maturity initiatives.
- Contribute to automation and use-case improvements.
- Provide technical input during customer reviews and audits.
Experience Requirements:
Educational Qualification
- Bachelor's Degree in:
- Computer Science
- Information Technology
- Cyber Security
- Electronics
- Related Engineering Discipline
Experience Required
- 5+ years of experience in:
- Security Operations Center (SOC)
- Endpoint Detection & Response
- Incident Response
- Cyber Security Operations
Technical Skills
Endpoint Security
- Endpoint Detection & Response (EDR)
- Endpoint Threat Analysis
- Malware Investigation
- Ransomware Analysis
- Threat Hunting
- Endpoint Forensics
- Incident Response
Security Platforms
- SentinelOne
- Trend Micro
- Trellix
- Aruba ClearPass
- SIEM Platforms
- Threat Intelligence Platforms
Security Technologies
- File Integrity Monitoring (FIM)
- Network Access Control (NAC)
- Threat Intelligence
- Behavioral Analysis
- Security Monitoring
- Incident Documentation
Security Frameworks
- MITRE ATT&CK
- Cyber Kill Chain
- Incident Response Frameworks
Key Competencies
- Advanced Threat Investigation
- Endpoint Security
- Incident Response
- Malware Analysis
- Root Cause Analysis
- Threat Hunting
- Security Operations
- SIEM Correlation
- Analytical Thinking
- Problem Solving
- Stakeholder Communication
- Leadership & Mentoring
Preferred Certifications
- CEH (Certified Ethical Hacker)
- GCED
- GCIA
- Advanced EDR Vendor Certifications
- Incident Response Certifications
- Digital Forensics Certifications
