Supports Endpoint Detection and Response (EDR) applications in an operational capacity and ensures cyber security service availability for all endpoints (i.e. servers, desktops and laptops).
Monitor EDR & AV logs
Monitor the dashboard for compliance and threats, and troubleshoot issues
Check if any incidents are missed by L1 and follow up for the cause
Perform basic fine-tuning of policies and provide service improvement plans
Maintain the SOP for the new events
Supporting L1 & L2 for unresolved tickets
Raise case and follow up with support for any issue
Policy creation & Changes
Major Changes in Infrastructure
Major Incidents/Outages
Provide Service improvement to the management
Configuring policies on request
Check audit logs and fix any disturbances found
Working on TTP policies
Primary Skills
Endpoint Detection and Response (CrowdStrike, Defender for Endpoint, Carbon Black)