Jobs
Interviews

2 Defender Atp Jobs

Setup a job Alert
JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

3.0 - 7.0 years

0 Lacs

karnataka

On-site

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of yourself. And EY is counting on your unique voice and perspective to help the organization become even better. Join us and build an exceptional experience for yourself, and contribute to creating a better working world for all. As a CMS-TDR Staff at EY, you will be part of the cyber security team and work as a SOC analyst to assist clients in detecting and responding to security incidents with the support of SIEM, EDR, and NSM solutions. **The Opportunity:** We are seeking a Security Analyst with experience in SIEM, EDR, and NSM solutions. **Your key responsibilities include:** - Providing operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR Solution (Defender, CrowdStrike, Carbon Black), NSM (Fidelis, ExtraHop) for multiple customers. - Performing the first level of monitoring and triaging of security alerts. - Conducting initial data gathering and investigation using SIEM, EDR, NSM solutions. - Providing near real-time analysis, investigation, and reporting of security incidents for customers. **Skills and attributes for success:** - Customer Service oriented with a commitment to meeting customer needs and seeking feedback for improvement. - Hands-on knowledge of SIEM technologies like Splunk, Azure Sentinel, CrowdStrike Falcon LogScale from a Security analyst's perspective. - Exposure to IOT/OT monitoring tools like Claroty, Nozomi Networks is a plus. - Good knowledge and experience in Security Monitoring and Cyber Incident Response. - Familiarity with Network monitoring platforms like Fidelis XPS, ExtraHop and endpoint protection tools such as Carbon Black, Tanium, CrowdStrike, Defender ATP, etc. **To qualify for the role, you must have:** - B. Tech./ B.E. with sound technical skills. - Ability to work in 24x7 shifts. - Strong command of verbal and written English language. - Technical acumen and critical thinking abilities. - Strong interpersonal and presentation skills. - Hands-on experience in SIEM, EDR, and NSM solutions. - Certification in any of the SIEM platforms. - Knowledge of RegEx, Perl scripting, and SQL query language. - Certification such as CEH, ECSA, ECIH, Splunk Power User. **What working at EY offers:** At EY, you will work on inspiring and meaningful projects with a focus on education, coaching, and personal development. You will have opportunities for skill development, career progression, and the freedom to handle your role in a way that suits you best. EY offers support, coaching, and feedback from engaging colleagues, along with an environment that emphasizes high quality and knowledge exchange. EY is dedicated to building a better working world, creating value for clients, people, and society, and building trust in the capital markets. With diverse teams in over 150 countries, EY provides trust through assurance and helps clients grow, transform, and operate across various domains.,

Posted 6 days ago

Apply

7.0 - 12.0 years

0 - 3 Lacs

Ratnagiri, Maharashtra, India

On-site

Key Responsibilities: Lead advanced incident response, including triage, containment, eradication, and root cause analysis. Perform forensic investigations, malware analysis, and threat hunting activities. Manage and fine-tune enterprise security solutions: SIEM, EDR, NDR, firewalls, IDS/IPS, DLP, WAF, VPNs , etc. Act as a subject matter expert (SME) for escalated security events from L1/L2 teams. Review and update runbooks, threat detection rules, and incident response procedures. Collaborate with threat intelligence teams to analyze IOCs, TTPs, and emerging threats. Perform regular vulnerability assessments and coordinate patch management with IT/DevOps. Conduct security reviews of infrastructure, applications, and network architecture. Ensure compliance with ISO 27001, NIST, GDPR, PCI-DSS , or other applicable standards. Automate security operations and incident response workflows using tools/scripts (e.g., Python, PowerShell). Mentor junior engineers and conduct technical training sessions. Required Skills and Qualifications: Bachelor's or Master's degree in Information Security, Computer Science, or related field. 510 years of hands-on experience in cybersecurity, with at least 23 years in an L3 or advanced SOC role. Expertise in managing and troubleshooting security tools: SIEM (Splunk, QRadar, ArcSight, etc.) EDR/XDR (CrowdStrike, SentinelOne, Defender ATP) Firewalls (Palo Alto, Fortinet, Cisco ASA) IDS/IPS, DLP, VPN, NAC, etc. Strong knowledge of cyberattack techniques , threat detection , and incident response lifecycle . Familiarity with MITRE ATT&CK , Cyber Kill Chain , STIX/TAXII , and YARA rules . Proficiency in scripting or automation (Python, Bash, PowerShell). Excellent documentation, troubleshooting, and analytical skills.

Posted 1 week ago

Apply
cta

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.

Job Application AI Bot

Job Application AI Bot

Apply to 20+ Portals in one click

Download Now

Download the Mobile App

Instantly access job listings, apply easily, and track applications.

Featured Companies