Job Description
What we're looking for
To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an India-based Security Engineer, with a specialism in Endpoint Security, to support Rackspace's strategic customers.
This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level Endpoint Security platforms, or in delivering Managed Endpoint Detection and Response (EDR) services to customers.
The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native Endpoint Detection and Response (EDR) platforms such as CrowdStrike Falcon or Microsoft Defender for Endpoint, used by the Rackspace Cyber Defence Center to deliver managed security services to our customers.
You will also be required to liaise closely with the customer's key stakeholders, which may include incident response and disaster recovery teams as well as information security.
Key Accountabilities
- Ensure the customer's operational and production environment remains healthy and secure at all times.
- Assist with customer onboarding: customer/device onboarding, policy configuration, platform configuration and service transition to security operations team(s).
- Advanced platform administration.
- Critical platform incident handling and closure.
- As an SME, act as an L3 escalation and point of contact for SecOps Analysts during the incident response process.
- As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership across Endpoint Security and Endpoint Detection and Response.
- Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams.
- Drive continuous improvement of Rackspace Managed EDR services through custom development, automation and integration, in collaboration with SecOps Engineering and other Security Engineering team(s).
- Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security.
- Co-ordinate with vendors for issue resolution.
- Required to work flexible hours.
Skills & Experience
- Should have 8+ years' experience in Security Engineering.
- Experience working in either large enterprise environments or managed security services environments, with a focus on Endpoint Detection and Response.
- Experience of working with cloud-native Endpoint Security and Endpoint Detection and Response (EDR) tools such as CrowdStrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud.
- Experience of working in two (or more) of the following additional security domains:
- SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc.
- AWS (Amazon Web Services) Security Hub, including AWS GuardDuty, AWS Macie, AWS Config and AWS CloudTrail.
- Experience of analysing malware and email headers, with skills in network security; intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis; and log analysis.
- Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls.
- Knowledge of security standards (good practice) such as NIST, ISO 27001, CIS (Center for Internet Security), OWASP and the Cloud Controls Matrix (CCM).
- Knowledge of scripting and coding with languages and tools such as Terraform, Python, JavaScript, Go, Bash and/or PowerShell.
- Knowledge of malware reverse engineering, threat detection and threat hunting.
- Computer science, engineering, or information technology related degree (although not a strict requirement).
- Holds one or more of the following certificates (or equivalent):
- Microsoft Certified: Azure Security Engineer Associate (AZ500)
- Microsoft Certified: Security Operations Analyst Associate (SC-200)
- Systems Security Certified Practitioner (SSCP)
- Certified Cloud Security Professional (CCSP)
- GIAC Certified Incident Handler (GCIH)
- GIAC Security Operations Certified (GSOC)
- CrowdStrike Certified Falcon Administrator
- A highly self-motivated and proactive individual who wants to learn and grow, and has attention to detail.
- A great analyser, troubleshooter and problem solver who understands security operations, programming languages and security architecture.
- Highly organised and detail-oriented, with the ability to prioritise, multitask and work under pressure.
- An individual who shows a willingness to go above and beyond in delighting the customer.
- A good communicator who can explain security concepts to both technical and non-technical audiences.
Job Classification
Industry: IT Services & Consulting
Functional Area / Department: IT & Information Security
Role Category: IT Security
Role: Security Engineer / Analyst
Employment Type: Full time
Contact Details:
Company: Rackspace Technology
Location(s): Noida, Gurugram
Keyskills:
Automation
Coding
Information security
Disaster recovery
JavaScript
Network security
Security operations
Microsoft
Information technology
Python