The role of an Endpoint Security Administrator is to ensure endpoint security administration and compliance, maintain the security of all endpoint security agents and tools, monitor reporting and security auditing, and handle permissions auditing, application support, and other miscellaneous security operations.
This position requires advanced technical skills along with extensive collaboration with internal users and vendors to identify, research, analyse and resolve complex security-related issues and problems.
- Security administration & complete life-cycle management and support of endpoint configurations through security tools like CrowdStrike EDR, Zscaler & Cisco Umbrella (web security), Carbon Black Protection (application whitelisting), Safend & EPP DLP, Microsoft BitLocker, SCCM, etc.
- Endpoint Security management, audit, and reporting of all macOS (Catalina and above) operating systems.
- Endpoint Security management, audit, and reporting of all Cloud operating systems (Linux, AWS, Containers, etc.).
- Act as the subject matter expert and system administrator for all endpoint security tools.
- Ensure that the firm's internal and client data remains securely on its provisioned hardware, and that the work of the consulting staff is not interrupted or hindered due to a security breach on their machine.
- Assist users with security-related issues. Integrate and share information with other analysts and other teams as appropriate.
- Analyze and respond to previously undisclosed software and hardware vulnerabilities.
- Responsible for troubleshooting next-gen antivirus & other security application agent software issues.
- Responsible for tuning various security tools & technologies already in place.
- Review the existing SOPs and technical runbooks, and create new SOP documents/runbooks for innovative technologies/processes.
- Other duties as assigned.
- Bachelor’s Degree in Information Technology, or any other related field.
- 3-5 years' experience as a Security Admin/Analyst or equivalent knowledge.
- Strong knowledge of operating systems – Linux, AWS, macOS (Catalina) and WinOS.
- Knowledge of various security methodologies and processes, and technical security solutions.
- Demonstrable experience of security-related incidents.
- Basic knowledge of Next Generation AV tools (like CrowdStrike, Cylance or any NGAV/EDR); encryption tools (like Symantec PGP, MBAM, etc.); Application Whitelisting, Web Security and DLP tools.
- Strong research and highly analytical skills are required, especially with respect to event classification, event correlation, and root cause analysis.
- Must be a team player, dedicated, and proactive.
- Must possess excellent communication, problem-solving, and organizational skills.
- Ability to clearly present technical approaches or findings in oral and written format and to present ideas in business-friendly and user-friendly language.
- Highly self-motivated and directed.
- Knowledge of managing JAMF Pro, iOS devices & AWS is an added advantage.
- Candidate should be flexible and able to work in a 24x7 environment.
- Preferred Certifications: CEH, ECSA, Security+, CISM, etc.