Black Box — Cyber Security Consultant - EDR & DLP

Posted: 14-06-2025

Description


Job Overview:

The Cyber Security Consultant – EDR & DLP will be responsible for managing, administering, and troubleshooting endpoint detection and response (EDR), NextGen antivirus (AV), and data loss prevention (DLP) technologies. This position demands hands-on expertise with a wide range of security products, a proactive approach to data protection, and the ability to investigate and respond to incidents in a large enterprise environment.


Key Responsibilities:

  • Daily Administration: Administer and maintain NextGen AV, EDR, and DLP systems effectively on a daily basis.
  • Troubleshooting: Provide troubleshooting support for AV & EDR products including Microsoft Defender, CrowdStrike, and SentinelOne.
  • Security Investigations: Apply forensic and investigative techniques to determine root causes and assess the impact of security incidents.
  • DLP Implementation: Deploy DLP tools at scale across large organizations; hands-on experience is required.
  • OEM Support: Troubleshoot DLP solutions from vendors such as Symantec, Forcepoint, and McAfee.
  • Alert Monitoring: Continuously monitor alerts and events generated from DLP and other endpoint protection systems.
  • Data Classification & Protection: Collaborate with stakeholders to identify, classify, and protect high-value enterprise data.
  • Proactive Measures: Design and implement strategies to increase the accuracy and effectiveness of DLP solutions.
  • On-Call Support: Participate in a 24x7 rotational on-call support schedule.
  • Automation & Innovation: Utilize existing security tools and implement automated solutions with a focus on scalability and reliability.
  • Security Posture Improvement: Provide support for tasks that enhance the overall security of the client’s IT infrastructure.
  • Documentation & Management: Update and manage records related to incidents, requests, and changes via ITSM tools.
  • Root Cause Analysis: Actively contribute to problem management activities and root cause analysis processes.


Key Technology Skills:

EDR, DLP, NextGen AV, Microsoft Defender, CrowdStrike, SentinelOne, Symantec DLP, Forcepoint DLP, McAfee DLP, Security Incident Response, Data Classification, ITSM, Automation Tools, Cybersecurity Operations


Requirements:

  • Bachelor's degree (3 or 4 years) in Information Technology, Computer Science, or related field
  • Strong hands-on experience with EDR and DLP systems
  • Troubleshooting proficiency with major security OEM tools (Microsoft, Symantec, Forcepoint, McAfee, etc.)
  • Experience in investigating cybersecurity incidents and identifying root causes
  • Knowledge of enterprise data protection and compliance standards
  • Availability to support 24x7 operations through rotational shifts
  • Ability to automate and scale security operations using modern tools
  • Excellent documentation and communication skills
  • Preferred: Certifications in security technologies or platforms (e.g., CompTIA Security+, CEH, or vendor-specific certifications)
