Partner with onshore security teams to operationalize, maintain, and enhance endpoint detection and response (EDR) capabilities using CrowdStrike.
Optimize the performance, reliability, and effectiveness of endpoint detections, response actions, and policy configurations to ensure comprehensive threat coverage.
Identify opportunities to improve endpoint visibility and detection by analyzing current workflows, detection logic, and endpoint behaviors.
Support continuous tuning of CrowdStrike detection rules, custom IOAs, and event correlation to reduce false positives and improve alert fidelity.
Collaborate across Information Security teams (Security Operations, Threat Intelligence, Vulnerability Management, Incident Response) to align on endpoint-focused detection strategies.
Monitor effectiveness of EDR detections, prevention policies, and response workflows; provide recommendations for continuous improvement.
Assist in the deployment and configuration of CrowdStrike sensors across endpoints, ensuring coverage, policy enforcement, and telemetry ingestion.
Provide technical expertise and guidance to onshore and offshore teams to support incident investigations, containment, and root cause analysis tied to endpoint threats.
Contribute to the development and maintenance of documentation, playbooks, and standard operating procedures (SOPs) for endpoint monitoring, response, and containment.
Stay current with emerging endpoint threats, attacker techniques, and CrowdStrike capabilities to proactively enhance detection and response.
ORGANIZATIONAL RELATIONSHIPS
Works closely with onshore security teams, including Security Operations, Vulnerability Management, Threat Intelligence, and Security Awareness.
Collaborates with cross-functional teams: Infrastructure, Application Development, and Cloud Engineering to ensure seamless integration of security tools.
Partners with Identity and Access Management (IAM) teams to implement and maintain secure access controls.
Engages with external vendors and service providers to evaluate and integrate third-party security solutions.
Coordinates with internal stakeholders to align security initiatives with business and compliance requirements.
EDUCATION AND EXPERIENCE
Education:
University Degree in Computer Science or Information Systems is required.
MS or advanced security certifications preferred, such as:
Certified Information Systems Security Professional (CISSP)
Additional certifications highly preferred:
Offensive Security Certified Professional (OSCP)
GIAC Certified Vulnerability Assessor (GCVA)
Certified Ethical Hacker (CEH)
Experience:
Minimum 6+ years of experience in security operations, EDR (CrowdStrike), threat intelligence, and security engineering.
At least 2+ years in a regulated industry (e.g., pharmaceutical, Animal Health).
Experience working with global teams across multiple time zones.
Proven ability to work within diverse technical teams.
TECHNICAL SKILLS REQUIREMENTS
Strong hands-on expertise with CrowdStrike EDR, SIEM platforms, and threat detection engineering.
Proficiency in scripting and automation using Python, PowerShell, or Bash to streamline workflows.
Experience with cloud security tools and cloud platforms (AWS, Azure, GCP).
Strong grasp of network security concepts including firewalls, IDS/IPS, VPNs, and zero-trust architectures.
Familiarity with IAM solutions (Azure AD, Secret Server, SailPoint).
Solid understanding of incident response, vulnerability management, and threat lifecycle tools.
Knowledge of container security and DevSecOps practices.
Strong understanding of encryption, key management, and secure coding best practices.
Ability to analyze and interpret security data to identify trends, vulnerabilities, and threats.
Familiarity with compliance standards (e.g., GDPR, HIPAA, PCI DSS).
Fluent in written and spoken English, with the ability to communicate effectively with both technical and non-technical audiences.
PHYSICAL POSITION REQUIREMENTS
Must be available to work between 1 PM IST and 10 PM IST, with a minimum 3-hour overlap with US Eastern Time.
