Endpoint Engineer

” The Job Description”

1. Deploy, manage, and maintain XDR and EPP agents across all endpoints and servers.
2. Investigate and respond to malware, exploits, and fileless attack incidents.
3. Optimize detection by tuning security policies and reducing false positives.
4. Integrate endpoint telemetry with SIEM/XDR platforms for unified visibility. Prepare and deliver monthly endpoint risk and compliance reports.
5. Design, deploy, and manage Splunk SIEM architecture including indexers, forwarders, and syslog collectors.
6. Integrate logs from firewalls, endpoints, NDR, DLP, WAF, SOAR, cloud, and SaaS platforms into a unified SIEM.
7. Develop custom detection rules, dashboards, and correlation searches to identify threats.
8. Tune and optimize syslog parsing, field extractions, and indexing to ensure performance and cost efficiency.
9. Collaborate with Threat Intelligence & SOAR (Engineer 8) to automate response workflows.
10. Manage log retention policies to ensure compliance with frameworks like NCA, PCI DSS, and GDPR.
11. Deliver weekly security dashboards and monthly SIEM health and detection performance Report.
    

Tagged as: cloud, dlp., DSS, EPP, NCA, NDR, PCI, saas, siem, soar, WAF, XDR