UST UA is looking for an experienced Endpoint Detection and Response Specialist.
About the client: they deliver Managed Detection and Response (MDR) services that keep your enterprise safe and secure as you migrate to cloud-native environments — and beyond. They keep you protected by anticipating, adapting, and responding to cyber threats in real time through a never-before-seen combination of expert human analysts, virtual analysts, and automation — delivered through a refreshingly transparent defense center platform. With your cybersecurity operations confidently under control, you can focus on achieving your critical business goals without the fear of cyber-attacks.
Must have skills:
- Strong understanding of the Pyramid of Pain.
- 3+ years of hands-on, administrator-level experience with EDR solutions such as Microsoft Defender for Endpoint (MDE), CrowdStrike, Cybereason, Carbon Black, Sophos, and SentinelOne.
- Set up and maintain the EDR platform in accordance with best practices and the customer environment.
- Proactively recommend to clients any new features released by vendors.
- Experience in creating custom detection rules.
- Knowledge of vendor-specific query languages (such as KQL and FQL) is required.
- Knowledge of ring-based sensor upgrades.
- Fine-tune detections to reduce false positives to the point where alert fatigue is minimized.
- Familiarity with the development of executive reports (daily, weekly, and monthly).
- Experience conducting one-on-one calls with customers is required.
- Expertise in troubleshooting sensor and platform issues.
- Able to manage P1 and P2 issues around the clock.
- Coordinate with the cyber security team to develop response strategies and implement remediation plans.
- Must be willing to explore and learn on your own.
- Excellent problem-solving skills and attention to detail.
- Strong communication skills and the ability to collaborate effectively with other teams.
- Experience in performing POA and POC to test EDR solutions and their functionality.
- Knowledge of compliance requirements and frameworks such as GDPR, PCI, NIST, CIS, and CSA.
- Assist the team by offering training or knowledge transfers (KTs) as needed.
- Knowledge of the MITRE ATT&CK/D3FEND frameworks and the cyber kill chain.
- Proactively hunt for threats based on threat intelligence and APT TTPs.
- Review and stay up to date on the latest cyber security threats and trends.
We offer:
- Communication with clients from all over the world.
- An opportunity to rise to interesting challenges with international business cases for professional and personal growth.
- Working in a team of professional enthusiasts.
- Professional and career opportunities.
- Flexible schedule.
- Paid vacation (18 days) and sick leave (10 days).
- B2B or regular employment in Poland.
- Impressive corporate database for education and self-education.
- An environment where you can implement your ideas.
- Friendly professional staff and a warm atmosphere.
- Team parties and corporate events.