Job Description:

• Manage and Configure endpoint security tools (e.g., EDR, MDM).

• Monitor endpoint alerts and coordinate appropriate responses.

• Maintain device security baselines across operating systems (Windows/macOS).

• Monitor and analyze security alerts from SIEM and endpoint security tools.

• Investigate suspicious activities, perform incident triage, and coordinate containment.

• Maintain and update incident response documentation and workflows.

• Collaborate with other teams during incident response efforts.

• Support internal and external security audits by preparing evidence and documentation.

• Conduct phishing simulations and report on outcomes to stakeholders.

• Develop user-friendly guidance for secure use of end devices (e.g., laptops, mobile phones).

• Support basic Identity and Access Management (IAM) tasks.

• Perform basic administration of Google Workspace.

• Develop automation scripts to streamline routine security tasks (e.g., alert analysis, access management).

• Collaborate with product security engineers to improve operational efficiency using scripting tools (e.g., Python, PowerShell, or Bash).

Job Requirement:

• Strong understanding of endpoint security tools and security event monitoring.

• Hands-on experience with incident triage and response workflows.

• Basic knowledge of IAM principles (least privilege, RBAC, MFA).

• Hands-on experience with endpoint security tools (e.g., Wazuh, SentinelOne, Crowdstrike, Jamf, GCPW).

• Hands-on experience with Google Workspace Admin Console .

• Experience writing automation scripts (e.g., Python, PowerShell, or Bash) for security tasks.

• Basic understanding of ISO 27001 or NIST frameworks.

• Effective communication skills for both technical and non-technical audiences.

• Familiarity with phishing testing platforms.