Perform brand monitoring activities (monitoring for phishing sites/domains, rogue mobile apps, sensitive data disclosure via CloudSEK XVigil across the dark, deep and surface web, social media and cybercrime forums, and executive/VIP monitoring) and support takedown activities through coordination with the OEM.
Proactively discover, monitor, and triage underground forums, dark web marketplaces, instant messaging channels, and social media platforms to identify potential cybercrime or threat activities.
Support the management and updating of antivirus and EDR solutions.
Assist in basic threat assessments and incident response activities.
Monitor and analyze antivirus and EDR alerts for potential threats.
Conduct in-depth analysis of malware incidents.
Manage and update antivirus solutions and Endpoint Detection and Response (EDR) tools.
Conduct periodic threat assessments and implement necessary measures.
Spearhead the management and optimization of antivirus and EDR solutions.
Design and implement advanced threat hunting and response strategies.
Ability to manage endpoint compliance and coverage.
Update AV signatures and platform versions as needed.
Ensure GPO policies are pushed and kept updated on all endpoints.
Deploy the CrowdStrike AV/EDR agent to endpoints/devices.
Hands-on experience in managing and operating the Qualys Vulnerability Assessment platform.
Perform regular vulnerability scans, analyze results, and collaborate with teams to ensure timely remediation of security risks.
Strong understanding of CVEs, CVSS, and vulnerability management best practices is required.
Required Technical and Professional Expertise
Hands-on experience required with the CloudSEK deep and dark web monitoring tool, CrowdStrike, McAfee ePO, antivirus (AV) and EDR, and Qualys for VA/PT.
Must have a desire to learn or cross-skill in new technologies.
Must be able to work in morning, evening, and night shifts – Mandatory.
Bachelor’s degree in engineering/information security, or a related field.
Relevant certifications such as CEH, CompTIA CASP+, or equivalent.
Proven experience working in a SOC environment.
Deep technical knowledge of security technologies and advanced threat landscapes.
Proven experience in managing and responding to complex security incidents.
Ability to work in a fast-paced, dynamic environment.