Job Description
Cyber Security Engineer - Endpoint Security and Threat Intel : (8 -12 years)

• EDR, CompTIA Security+, Carbon Black PSC, Proofpoint, Threat Hunting, Splunk, Endpoint Security

General Summary :
Security engineer is tasked with conducting the technical aspects of response operation for critical events, escalated by SOC. This includes immediate containment, investigation and management of remediation actions, as well as enhancing defenses with the new knowledge acquired throughout the response process.
Roles and Responsibilities :• Expert level knowledge of VMware Carbon Black Cloud EDR and real-time experience using Live-response capabilities, good exposure on threat hunting.• Strong technical skills in VMware Carbon Black Cloud sensor rollouts and upgrades.• Strong technical skills in analysis and information gathering related to potential malicious code artifacts in a safe, secure manner.• Demonstrated ability to analyse ongoing situations for the potential of a malware-related security incident.• Build BAU operations using VMware Carbon Black Cloud and create incident response process for the detections.• Maintain and improve VMware Carbon Black Cloud policies and Endpoint Protection detections.• Maintain security posture with strong configurations, watchlist reports and assist SOC monitoring team to understand the same.
Plan and lead process improvement initiatives tailored to improve overall VMware Carbon Black Cloud detections.

Knowledge, Skills, and/or Abilities Required :
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.• 6 - 8 years of experience in cyber security & threat intelligence, all-source threat intelligence analysis, malware analysis and be fully versed in the malware behavior lifecycle. 4+ years in an information security antivirus/anti-malware/EDR or malware analysis role.• Excellent communication skills, both oral and written, with various audiences; mature, confident, assertive communication style.• Strong Knowledge of Cyber security incident response process and procedures.• In-depth knowledge of the security threat landscape.• Understanding of contemporary scripting languages such as python, and familiarity with application programming interfaces (API) as a delivery method for indicators and intelligence.• Flexible to work in a 24*7*365 Security Operations environment.• Attention to detail, but with an ability to understand the big picture view and understand when projects or efforts have conflicting objectives.• Knowledge of data communication concepts and technologies, specifically email, networking, and enterprise security.

About Cognizant
Cognizant (Nasdaq-100: CTSH) is one of the world's leading professional services companies, transforming clients' business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant is ranked 185 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us @USJobsCognizant. Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.

Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.
If you have a disability that requires a reasonable accommodation to search for a job opening or submit an application, please email [email protected] with your request and contact information.