· Experience & Qualifications:

We need to append EDR experience / exposure and strong understanding of the threat landscape to the below JD.

  o Experience: Minimum of 3 years of hands-on experience working in a Security Operations Center (SOC) environment, with a strong focus on incident monitoring, triage, and response.

  o Certifications:
    § Microsoft Certified: Security Operations Analyst Associate (SC-200)
    § CompTIA Security+
    § Security Blue Team Level 2

  o Preferred Technical Skills: Familiarity with scripting languages (e.g., Python, PowerShell) for automation and analysis.

Advanced (non-negotiable):
1. Experience in critical security incident response.
2. Advanced knowledge of EDR tools (preferably CrowdStrike or Microsoft).
3. Advanced knowledge of Microsoft security monitoring and alerting platforms, e.g. Sentinel, Cloud Defender.
4. Well versed in the Cyber Kill Chain and other leading security frameworks related to security incident response.
5. Advanced knowledge of Windows security, its logging and monitoring.
6. Advanced knowledge and understanding of threat hunting.

Intermediate:
1. Intermediate knowledge of SIEM content engineering.
2. Intermediate knowledge of network security platforms, e.g. WAF, proxy, next-gen firewall, and associated security policies.
3. Intermediate knowledge of Linux security and cloud security.
4. Intermediate knowledge of DLP and email security.

Basic/Good-to-Have:
1. Digital forensics
2. Cybersecurity engineering
3. Offensive security