Job Description:
- Manage and configure endpoint security tools (e.g., EDR, MDM).
- Monitor endpoint alerts and coordinate appropriate responses.
- Maintain device security baselines across operating systems (Windows/macOS).
- Monitor and analyze security alerts from SIEM and endpoint security tools.
- Investigate suspicious activities, perform incident triage, and coordinate containment.
- Maintain and update incident response documentation and workflows.
- Collaborate with other teams during incident response efforts.
- Support internal and external security audits by preparing evidence and documentation.
- Conduct phishing simulations and report on outcomes to stakeholders.
- Develop user-friendly guidance for secure use of end devices (e.g., laptops, mobile phones).
- Support basic Identity and Access Management (IAM) tasks.
- Perform basic administration of Google Workspace.
- Develop automation scripts to streamline routine security tasks (e.g., alert analysis, access management).
- Collaborate with product security engineers to improve operational efficiency using scripting tools (e.g., Python, PowerShell, or Bash).
Job Requirements:
- Strong understanding of endpoint security tools and security event monitoring.
- Hands-on experience with incident triage and response workflows.
- Basic knowledge of IAM principles (least privilege, RBAC, MFA).
- Hands-on experience with endpoint security tools (e.g., Wazuh, SentinelOne, CrowdStrike, Jamf, GCPW).
- Hands-on experience with the Google Workspace Admin Console.
- Experience writing automation scripts (e.g., Python, PowerShell, or Bash) for security tasks.
- Basic understanding of ISO 27001 or NIST frameworks.
- Effective communication skills for both technical and non-technical audiences.
- Familiarity with phishing testing platforms.