As an Information Security Engineer specializing in NDR, particularly with ExtraHop, MobileIron, Ivanti EPM, and Ivanti ISEC, you will be responsible for deploying, configuring, and managing these solutions to proactively detect and respond to security threats across our organization's endpoints and network.
Responsibilities
NDR Solution Implementation:
· Deploy, configure, and maintain NDR solutions, with a focus on ExtraHop, to detect, investigate, and respond to security threats and anomalies.
· Create detection syntax to identify indicators of compromise (IOCs) and malicious behavior of new threats. Hands-on experience writing NDR queries to search for the desired events.
Security Policy Development and Enforcement:
· Develop and enforce security policies within NDR systems to enhance endpoint and network security.
Incident Response and Threat Hunting:
· Monitor and investigate security incidents and anomalies, and proactively conduct threat hunting to identify and mitigate potential threats.
Integration and Collaboration:
· Collaborate with cross-functional teams to integrate NDR systems with other security tools, SIEM platforms, and threat intelligence sources.
Qualifications
Bachelor's or Master's degree in Information Security, Computer Science, or a related field.
5+ years of proven experience in deploying and managing NDR solutions, with a specific focus on ExtraHop, MobileIron, Ivanti EPM, and Ivanti ISEC.
Experience with various other SIEM security products such as Splunk, ArcSight, Nitro, or LogRhythm, and with infrastructure components such as proxies, firewalls, IDS/IPS, and DLP.