Engineer I - EDR | On-site, Bangalore

Endpoint Engineer, Cyber Operations is responsible for post-sales product and service implementation, ensuring exceptional customer service and meeting billing objectives. This role requires expertise in endpoint security platforms (AV, EDR, XDR, DLP, Encryption), malware analysis, and security technologies like SIEM and UEBA. Responsibilities include performing regular checks, providing policy recommendations, triaging alerts, and collaborating on secure product development. The position demands availability during US working hours and participation in a 24x7 on-call operation, focusing on secure product implementation and operational support.

Must Have

• Experience in Endpoint Security Platforms (AV, EDR, XDR, DLP, Encryption)
• Knowledge of Malware / Threats
• EDR administration (CrowdStrike, Sentinel One, Paloalto Cortex XDR)
• Perform regular security checks and health monitoring
• Provide security policy recommendations to customers
• Triage malware alerts
• Working knowledge of SIEM, DLP, UEBA, and Cloud Security
• Experience with Workstation and Server technologies
• Knowledge of deployment and MDM tools
• Sound security engineering knowledge
• Proficiency in ITIL, Incident, Change, and Problem Management
• Ability to participate in 24x7 on-call operations
• Strong reporting and documentation skills
• Bachelor's degree in Computer Science or related field
• 4+ years expertise in Cybersecurity core Technology Areas
• Thorough understanding of large-scale environments
• Strong presentation and communication skills
• Process-oriented with attention to detail and organizational skills
• Expert knowledge of Microsoft Office
• Ability to build relationships and influence
• Well-developed negotiation and consensus-building skills
• Strong interpersonal skills
• Ability to manage multiple parallel tasks
• Availability during US working hours (5PM IST to 2AM IST)
• Work from Office role in Bangalore

Perks & Benefits

• Commitment to Diversity, Equality, and Inclusion through Employee Resource Groups
• Work/life balance
• Professional training resources
• Creative problem-solving and ability to tackle unique, complex projects
• Volunteer Opportunities (Optiv Chips In)
• Ability and technology for productive remote/from home work (where applicable)

Endpoint Engineer, Cyber Operations is responsible for post-sales product and service implementation. Endpoint Engineers are responsible for completing assigned projects in a manner consistent with the team’s Operational Standard, which emphasizes the importance of providing exceptional customer service. They are also responsible for meeting consulting billing objectives.

How you'll make an impact:

• Experience in Endpoint Security Platforms e.g. AV, EDR, XDR, DLP, Encryption, etc.
• Good knowledge on Malware / Threats
• Working knowledge (EDR administration) on endpoint security technologies like Antivirus, EDR, XDR (CrowdStrike, Sentinel One, Paloalto Cortex XDR), DLP, Encryption
• Performing regular checks on synchronization, monitoring and health checks
• Provide recommendations to the Customer security team on changes to global policies. Analyze application & Configuration settings, Policies & custom rule sets, historical performance data & provide recommendations.
• Working knowledge of triaging malware alerts
• Working knowledge of security technologies such as SIEM, DLP, UEBA and hybrid/Cloud Security environments
• Knowledge of and experience with related Workstation and Server technologies.
• Knowledge on deployment tools and MDM tools
• Sound security engineering knowledge (technical) so as to work collaboratively with the Tech Leads and software/products architects to ensure secure Products.
• Good Knowledge on ITIL, Incident Management, Change Management and Problem Management including analysis and response.
• Understand and manage the requirements of being part of a 24x7 on-call operation, including but not limited to, shift hand-over, operational advice, guidance, support and escalation.
• Good knowledge on reporting, documentation etc

What we're looking for:

• A Bachelor of Science degree in Computer Science or related field is required.
• Expertise with one or more of Cybersecurity core Technology Areas: Security Event Management, Content Protection (DLP, Encryption, Access Control), Endpoint Security typically obtained in 4+ years.
• Thorough understanding of large-scale environments
• Strong presentation and verbal communication skills
• Process-oriented individual with strong attention to detail, and strong organizational skills.
• Excellent, detailed writing skills
• Expert knowledge of using Microsoft Office.
• Ability to build relationships with and influence other functional areas.
• Well-developed negotiation skills.
• Ability to build consensus.
• Strong interpersonal skills
• Ability to manage multiple tasks in parallel.
• This role demands the availability during US working hours(5PM(IST) to 2AM(IST))
• This role is Work from Office role.

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)