Senior Engineer, Security Platform & Infrastructure
SG
Job Description
Overview
As the Senior Engineer for Security Platform and Infrastructure, you will manage and enhance endpoint security across telecommunication environments. The role covers Day 1 implementation and Day 2 operational support activities: designing, implementing and managing the security platforms, and coordinating with Managed Security Service Providers (MSSPs) and OEMs.
This role requires expertise in endpoint security technologies, threat detection, operational governance, and collaboration with internal teams, vendors, and MSSP partners to ensure secure and reliable operations. On top of this, it calls for a desire to learn, think outside the box and introduce new security initiatives to support Day 1 and Day 2 responsibilities.
Job Duties and Responsibilities
• Lead and participate in the deployment, configuration, and onboarding of EDR solutions across telecommunications environments including servers, workstations, cloud workloads, and remote endpoints.
• Perform EDR agent deployment, health verification, policy configuration, and integration with other platforms such as ticketing, SIEM and SOAR.
• Coordinate with infrastructure, network, cloud, and application teams for successful onboarding and rollout activities.
• Work closely with MSSP partners and vendors during implementation, transition, and go-live phases.
• Validate log forwarding, alert generation, telemetry collection, and endpoint visibility across environments.
• Support infrastructure readiness activities including sizing, connectivity validation, firewall rules, proxy configurations, and cloud integrations.
• Participate in Proof of Concepts (POC), product evaluations, feature testing, and security tool assessments.
• Develop onboarding documentation, operational runbooks, implementation procedures, and knowledge transfer materials.
• Collaborate with cybersecurity architecture and governance teams to align EDR deployment with security standards and compliance requirements.
• Conduct tuning and optimization of EDR policies, detection rules, exclusions, and alert thresholds to reduce false positives.
• Manage endpoint security posture by monitoring agent health, policy compliance, coverage gaps, and platform performance.
• Perform Day 2 operational activities including upgrades, patching, troubleshooting, policy management, and platform maintenance.
• Support infrastructure-related vulnerability, remediation coordination, and hardening initiatives.
• Support audit, compliance, and regulatory activities related to endpoint security platform and operations.
• Coordinate with vendors and MSSP partners for issue resolution, feature enhancements, and product roadmap discussions related to the platform.
• Participate in 24x7 on-call support and incidents related to the platform and infrastructure whenever required, including being on standby.
• Lead and work with cross-functional stakeholders and processes to meet the business requirements.
Qualifications
• Bachelor’s degree in Information Technology, Computer Science, Cyber Security, or related discipline.
• 2 – 4 years of experience in cybersecurity operations, EDR management, SOC operations, or endpoint security engineering within telecommunication or large-scale environments.
• Familiarity with EDR/XDR platforms such as Palo Alto XDR, CrowdStrike Falcon, SentinelOne, or VMware Carbon Black.
• Experience working with MSSP/SOC providers and managing operational governance.
• Familiarity with Windows, Linux, macOS, cloud (AWS and Ali), and hybrid infra environments.
• Familiarity with PowerShell, Python, or Bash scripting is an advantage.
• Understanding of MITRE ATT&CK framework and endpoint attack techniques.
• Good to have certifications such as CEH, CISSP, Security+, GIAC, or vendor-specific EDR certifications.
Essential Skills
• Strong analytical and troubleshooting skills.
• Experience in endpoint security and security operations.
• Effective stakeholder, vendor, and MSSP management capabilities.
• Good communication and incident coordination skills.
• Knowledge of operational governance, SLA management, and service delivery.
• Strong documentation, reporting, and problem-solving abilities.
• Ability to work collaboratively with SOC, infrastructure, application, and security teams.