Security Engineer L3 (Endpoint Security)
Be among the first applicants.
Rackspace Technology
Bengaluru, Gurugram District
INR 8,00,000 - 15,00,000
Be among the first applicants.
7 days ago
Job description
What we are looking for
To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an Indian based Security Engineer, with a specialism in Endpoint Security to support Rackspace's strategic customers.
This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer, who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level Endpoint Security platforms or delivering Managed Endpoint Detection Response (EDR) services to customers.
The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native Endpoint Detection Response (EDR) platforms such as Crowdstrike Falcon or Microsoft Defender for Endpoint; used by the Rackspace Cyber Defence Center to deliver managed security services to our customers.
You will also be required to liaise closely with the customer’s key stakeholders, which may include incident response and disaster recovery teams as well as information security.
Key Accountabilities
- Ensure the Customer's operational and production environment remains healthy and secure at all times.
- Assist with customer onboarding - customer/device onboarding, policy configuration, platform configuration and service transition to security operations team(s).
- Advance platform administration.
- Critical platform incident handling closure.
- As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process.
- As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership across Endpoint Security and Endpoint Detection Response.
- Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams.
- Drive continuous improvement of Rackspace Managed EDR services through custom development, automation and integration; in collaboration with SecOps Engineering and other Security Engineering team(s).
- Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security.
- Coordinate with vendor for issue resolution.
- Required to work flexible timings.
Skills Experience
- Should have 8+ years experience in Security Engineering.
- Experience working in either large, enterprise environments or managed security services environments with a focus on Endpoint Detection Response.
- Experience of working with cloud native Endpoint Security and Endpoint Detection Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud.
- Experience of working in two (or more) of the following additional security domains:
- SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc.
- AWS (Amazon Web Services) Security Hub including AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail.
- Experience of analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis.
- Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls.
- Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc.
- Knowledge of scripting and coding with languages such as Terraform, Python, JavaScript, Golang, Bash and/or PowerShell.
- Knowledge of Malware reverse engineering, threat detection and threat hunting.
- Computer science, engineering, or information technology related degree (although not a strict requirement).
- Holds one, or more, of the following certificates (or equivalent): -
- Microsoft Certified: Azure Security Engineer Associate (AZ500)
- Microsoft Certified: Security Operations Analyst Associate (SC-200)
- Systems Security Certified Practitioner (SSCP)
- Certified Cloud Security Professional (CCSP)
- GIAC Certified Incident Handler (GCIH)
- GIAC Security Operations Certified (GSOC)
- CrowdStrike admin Certified
- A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail.
- A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture.
- Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure.
- An individual who shows a willingness to go above and beyond in delighting the customer.
- A good communicator who can explain security concepts to both technical and non-technical audiences.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Land a better
job faster
job faster
