Incident Investigation & Response:
Perform in-depth analysis of escalated alerts from CrowdStrike SIEM & EDR, identifying root causes and true impact.
Execute containment and remediation actions for malware, ransomware, and unauthorized access.
Endpoint & Policy Management:
Administer Microsoft Intune for device enrollment, health monitoring, and security baseline enforcement.
Manage and tune CrowdStrike protection policies, including exclusions and sensor health.
Data Protection & Compliance:
Configure and optimize Microsoft Purview DLP policies across Endpoints, Exchange, SharePoint, and Teams.
Manage Purview sensitivity labels and information governance to safeguard PII and sensitive assets.
SOC Engineering:
Fine-tune SIEM correlation rules and dashboards to reduce false positives and improve detection fidelity.
Develop and maintain incident response playbooks and operational documentation.
Technical Skills:
Tools: Advanced SIEM (Splunk/Sentinel), EDR (CrowdStrike/Defender), and Forensics (FTK/Volatility).
Deep Forensics: Perform log, malware, and network traffic analysis (PCAP/EDR).
Analysis: Static/Dynamic malware analysis and root cause investigation.
Threat Hunting: Conduct proactive hunts to identify hidden IOCs and TTPs.
Scripting: Automation via Python, PowerShell, or Bash.
Frameworks: Mastery of NIST IR lifecycle and MITRE ATT&CK.
Acceptance Criteria:
Work Mode: 100% Work from Office (WFO)
Schedule: Rotational shifts and rotational weekly offs.
Experience: Minimum 4 years in dedicated SOC/IR roles.