Cyber Security -MSS- Endpoint Security E4

Cyber Security Analyst - MSS - Endpoint Security E4

Key Responsibilities

• Lead advanced

  endpoint security monitoring, threat detection, and incident response

  activities within a Managed Security Services (MSS) environment.
• Conduct in-depth analysis of security alerts, logs, and forensic data from

  Endpoint Detection and Response (EDR) / Extended Detection and Response (XDR)

  platforms.
• Perform complex

  malware analysis, forensic investigations

  , and root cause analysis for endpoint-related security incidents.
• Develop, optimize, and fine-tune

  endpoint security policies, rules, and configurations

  across various EDR/Antivirus solutions.
• Provide

  L3/L4 escalation support

  and guidance to junior analysts, mentoring and contributing to their skill development.
• Proactively hunt for threats on client endpoints using advanced tools and techniques.
• Create detailed incident reports, post-mortems, and provide actionable recommendations for remediation and prevention.
• Stay current with the latest endpoint security threats, vulnerabilities, and industry best practices.
• Collaborate with clients and internal teams to enhance security posture and deploy new endpoint security initiatives.

Qualifications

• Proven extensive experience (typically 7+ years) in a

  Cyber Security role

  with a strong focus on

  Endpoint Security

  and

  Managed Security Services (MSS)

  , including significant

  L3/L4 support

  experience.

Skills Required:

• Expert-level proficiency with leading EDR/XDR platforms

  (e.g., CrowdStrike, Microsoft Defender for Endpoint, SentinelOne, Carbon Black, Palo Alto Networks Cortex XDR).

• Deep understanding of endpoint operating systems

  (Windows, Linux, macOS) and common attack vectors.

• Extensive experience in incident response methodologies

  specific to endpoint compromise.

• Proficiency in forensic analysis techniques and tools

  for endpoint investigations.
• Strong knowledge of

  malware analysis concepts

  and anti-malware technologies.
• Experience with

  SIEM platforms

  (e.g., Splunk, Microsoft Sentinel) for integrating endpoint data.
• Excellent analytical, problem-solving, and communication skills to articulate complex security issues.
• Relevant advanced cybersecurity certifications (e.g., SANS GCFE, GCFA, GCIH, CySA+, SC-200, SC-300, SC-400, SC-900).

Preferred Skills:

• Experience with scripting languages (e.g., Python, PowerShell) for automation and data analysis.
• Knowledge of cloud security concepts and endpoint protection in cloud environments.
• Familiarity with threat intelligence frameworks (e.g., MITRE ATT&CK).
• Prior experience in a client-facing MSS role.