Sr. Manager – Endpoint Security Analyst

Full Time
Posted 3 years ago

Job Description

1)       Provide subject matter expertise on enterprise endpoint security risks, threats, technologies, and potential impact.

2)       Serve as a specialist with expert-level knowledge of enterprise endpoint security technologies across the industry. Experience in evaluating or comparing technology verticals such as Malware Protection, Behavioural and Community Detection Systems, Endpoint Protection, Desktop Firewall, HIPS, IDS / IPS, Data Loss Prevention, Network Access Control (NAC), Network Security, Encryption, Web / Internet Security, Email and Messaging Security, Patch Management, etc.

3)       Advanced knowledge of Windows, Linux, Unix and Mac infrastructures.

4)       Review, document, and analyze defensive security tactics and procedures.

5)       Define and implement policy and procedure for enterprise endpoint security covering all endpoint assets, i.e. desktops, laptops, tablets, iPads, mobiles, etc., at the organization level.

6)       Collaborate to analyze attack vectors, gather evidence, and implement preventative controls.

7)       Analyze the architecture and design of endpoint security technologies, the integration of endpoint threat detection capabilities, and defensive countermeasures; perform risk assessments, identify gaps, and develop an implementation plan for remediation of endpoint security threats.

8)       Provide recommendations on strategies for improving endpoint security controls.

9)       Design and implement endpoint maturity models to evaluate the effectiveness of an organization’s endpoint program.

10)   Conduct assessments or evaluations using security frameworks.

11)   Design a governance program to validate compliance, along with the efficacy and effectiveness of the implementation and controls defined for endpoint security.

12)   Design a mechanism to identify and monitor new evolving threats and ensure necessary modifications are done to the policy, procedures and controls to mitigate the risks.

13)   Translate technical discussions and information into non-technical material for presentation to leadership.

14)   Assess the endpoint incidents and RCA highlighted by the SOC and CSIRT teams, and make appropriate changes to the policy, procedure, process and controls to ensure the incidents are not repeated in future.

15)   Perform risk assessments on a periodic basis and make appropriate changes to the policy, procedure and controls.

16)   Define and implement MBSS / Policies / Rules for all endpoint assets and endpoint security areas.

17)   For each MBSS / policy, conduct exhaustive testing in UAT to understand the output of the policy, define comprehensive test scenarios, assess the impact on existing policies, identify bottlenecks / pain areas, evaluate the options to address the same and document the results along with residual risks.

18)   Perform periodic review of the MBSS / Policies / Rules and update with appropriate changes.

19)   Design a mechanism to identify and monitor new evolving threats and ensure necessary modifications are done to the MBSS / Policies / Rules where required.

  • Minimum of 5-7 years of hands-on technical information security experience.
  • Bachelor’s degree in Computer Science, Engineering, Software Development, or related field.
  • Minimum 5+ years of cyber operations, engineering, and / or architecture experience.
  • Minimum 3+ years in a leadership role in endpoint security.
  • CISSP, CEH, SSCP, SANS GIAC or OSCP certifications are preferred.
  • Intermediate knowledge of the cyber kill chain and defensive methodologies.
  • Intermediate knowledge of security controls (NIST standards, ISO, PCI, COBIT, etc.).

  • Strong skills using Microsoft Office Suite (Word, Excel, Outlook).

  • Experience working with SIEM, packet capture solutions, endpoint solutions, API integrations, virtual infrastructure, system hardening, and forensic technologies.
  • Familiarity with security concepts like risk, vulnerabilities, data management, confidentiality, access controls, etc.
  • Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources for the purposes of documenting results and analyzing findings to provide meaningful products.
  • Ability to leverage well-honed online researching expertise to identify and navigate relevant online forums, including web sites, social media, and traditional sources for research and analysis.
  • Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
  • Familiarity and hands-on experience with automated scanning tools.
  • Competency with and demonstrated knowledge of network security, including LAN/WAN, wireless, web applications, server capabilities and information security concepts and technologies.
  • Open source intelligence experience.

  • Excellent communication skills translating complex technical information across all levels of the organization.

Job Features

Job Category: Bank
Weekends: 5 Days a Week
Working Hours: Bank Hours
