Security Architect

Project Role :Security Architect

Project Role Description :Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills :Endpoint Extended Detection and Response

Good to have skills :NAMinimum
5 year(s) of experience is required

Educational Qualification :15 years full time education
Summary:We are seeking a Lead EDR Engineer with expertise in Microsoft Defender for Endpoint (MDE) to lead its implementation, administration, and incident response. As the MDE expert, you will manage enterprise-wide deployment, optimize configurations, guide incident response efforts, and drive endpoint security strategy in collaboration with cross-functional teams. You will lead EDR strategy design, mentor security teams, and drive defense against advanced threats using MITRE ATT&CK-aligned frameworks.
Roles & Responsibilities:-Lead deployment and configuration of Microsoft Defender for Endpoint across all supported platforms.-Customize and manage endpoint security policies, attack surface reduction rules, and threat protection settings.-Monitor security alerts and endpoint telemetry to detect and analyze threats.-Conduct investigations using Microsoft 365 Defender and advanced hunting (KQL) capabilities.-Respond to incidents by initiating remediation actions (e.g., isolate endpoints, remove malware, collect forensic data/Artifacts).-Collaborate with the SOC to provide timely incident resolution and root cause analysis.-Tune detection rules and policies to reduce false positives and enhance protection.-Maintain up-to-date documentation, playbooks, and response procedures.-Provide recommendations to improve the organizations endpoint security posture.-Mentor junior analysts and engineers on best practices for MDE and incident response workflows.-Provide executive-level reporting on threat trends, incident metrics, and risk posture.-Perform gap analysis on endpoint security to identify and address areas of improvement.-Build and maintain SOAR playbooks to auto-contain threats (e.g., isolate devices, revoke tokens).-Stay current on emerging threats and align defense strategies with frameworks like MITRE ATT&CK. Professional & Technical
Skills:

-68+ years of experience in MDE/EDR implementations and security operations.-Strong background in SOAR automation (Microsoft Logic Apps).-Deep technical knowledge of endpoint protection, threat detection, and incident response workflows.-Proficiency in Microsoft security stack:M365 Defender, Intune, Azure AD, and Sentinel. -Strong command of KQL for custom detections and threat hunting.-Experience with scripting (PowerShell), automation, and EDR tooling integrations is a plus.-Experience with Halcyon and CrowdStrike EDR is a plus and considered an added advantage.- Prefered Certifications SC-200:Microsoft Security Operations Analyst,SC-100:Microsoft Cybersecurity Architect,AZ-500:Microsoft Azure Security Technologies,MITRE ATT&CK Defender (MAD) certs,CISSP, CEH, or equivalent industry certifications
Additional Information:- The candidate should have minimum 5 years of experience in Endpoint Extended Detection and Response.- This position is based at our Bengaluru office.- A 15 years full time education is required.Qualification
15 years full time education