Associate Security Engineer, EDR

Responsibilities:

• Support Intake process including coverage for Eastern Standard Time Business Hours
• Monitor alerts and notifications from managed EDR platforms to identify, triage, and escalate potential threats.
• Support senior engineers with investigation and remediation activities related to malware, suspicious processes, and endpoint anomalies.
• Participate in routine operational tasks, including signature updates, policy reviews, and system health checks.
• Assist in the deployment, configuration, and maintenance of EDR agents across diverse client environments.
• Document all investigations and resolutions within the managed service ticketing system.
• Collaborate with customers to ensure endpoint protection coverage, resolve technical issues, and optimize EDR performance.
• Contribute to continuous improvement initiatives for playbooks and response automation.
• Maintain detailed documentation and best practices for internal and external customers

Requirements:

• Diploma or bachelor’s degree in computer science, Cybersecurity, Information Technology, or related field.
• Two years of experience in IT security, systems administration, or managed endpoint support.
• Basic understanding of cybersecurity fundamentals — including malware types, network protection, and incident response.
• Familiarity with EDR solutions such as Microsoft Defender for Endpoint, CrowdStrike, SentinelOne, PaloAlto Cortex XDR, TrendMicro, Carbon Black, or Cisco AMP is an asset.
• Experience with networking concepts and ability to analyze network artifacts
• Scripting or development experience in one of the following languages: Python, PowerShell, bash, etc.
• Acquaintance with log analysis tools or SIEM platforms (e.g., Splunk, Sentinel, XSIAM, CS NG-SEIM) preferred.
• Strong analytical and problem-solving skills with attention to detail.
• Effective written and verbal communication skills for both technical and non-technical audiences