Endpoint Security Analyst

Metro Global Solution Center (MGSC) is internal solution partner for METRO, a €31.6 Billion international wholesaler with operations in more than 30 countries. The store network comprises a total of 623 stores in 21 countries, of which 522 offer out-of-store delivery (OOS), and 94 dedicated depots. In 12 countries, METRO runs only the delivery business by its delivery companies (Food Service Distribution, FSD). 

HoReCa and Traders are core customer groups of METRO. The HoReCa section includes hotels, restaurants, catering companies as well as bars, cafés and canteen operators. The Traders section includes small grocery stores and kiosks. The majority of all customer groups are small and medium-sized enterprises as well as sole traders. METRO helps them manage their business challenges more effectively. 

MGSC, location wise is present in Pune (India), Düsseldorf (Germany) and Szczecin (Poland). We provide HR, Finance, IT, Strategy, Branding & Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day. We are setting tomorrow’s standards for customer focus, digital solutions, and sustainable business models. For over 10 years, we have been providing services and solutions from our two locations in Pune and Szczecin. This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion. We believe that we can add value, drive efficiency, and satisfy our customers.

Job Description

Responsibilities:

• EDR Solution Management: Develop, configure, and maintain EDR solutions, tailoring them to specific Business needs and security requirements.
• Coverage: Develop baseline asset inventories and maintain owners for systems in the inventory. Always ensure to achieve 100% coverage in EDR deployment.
• Daily Operations: Perform routine tasks like tool administration, tuning, malware quarantining, and ensuring EDR tools effectively support security monitoring and incident response.
• Threat Detection and Response: Analyze EDR tool output to optimize security monitoring, support incident detection, and identify potential threats.
• Policy and Procedure Development: Develop, implement, and update EDR policies, rules, and configurations to align with security standards and threat intelligence.
• Collaboration: Work closely with SOC, threat intelligence, and other security teams to improve overall security posture.
• Security Assessment and Improvement: Offer expert advice and recommendations for improving security posture, mitigating vulnerabilities, and adhering to security standards.
• Incident Response: Participate in incident response efforts, utilizing EDR tools to investigate, contain, and remediate security incidents.
• Documentation and Reporting: Document findings, actions taken, and lessons learned for each incident. Prepare periodic security reports and contribute to compliance audits.
• Knowledge Sharing and Training: Guide and mentor Team, provide training sessions, and share knowledge on endpoint security best practices.
• Vendor Coordination: Coordinate with EDR vendors for troubleshooting, enhancement, and maintenance of endpoint security solutions.
• Compliance: Contribute to compliance audits and ensure adherence to security standards.
• Staying Up-to-Date: Remain current on the latest security threats and trends.

Technical & Soft Skills:

• Experience in scaling an enterprise EDR program across multiple environments seamlessly with proper strategy and prioritization.
• Strong knowledge of endpoint security technologies and concepts (EDR, DLP, MDM). Hands-on experience and deep knowledge of EDR technologies like CrowdStrike, Defender, Cortex.
• Experience with automated response via SOAR platforms and security orchestration.
• Understanding of network security, operating systems, and cloud environments.
• Experience managing endpoints in hybrid environments (Cloud, On-Prem, VDI).
• Advanced understanding of technical information security concepts related to threat landscapes.
• Strong understanding of network protocols, operating systems, and security technologies.
• Familiarity with compliance frameworks like ISO 27001, NIST, etc.
• Ability to conduct independent research and analysis, identifying issues, formulating options, and making conclusions and recommendations.
• Skilled in developing professional documentation and detailed reporting (including PowerPoint presentations), including policies, standards, processes and procedures
• Very high attention to detail, with strong skills in managing/presenting data and information.
• Demonstrable conceptual, analytical and innovative problem-solving and evaluative skills.
• Excellent communication, collaboration, and interpersonal skills.

Qualifications:

• Bachelor’s degree in computer science, Information security, or in a related field. Relevant Cyber Security certifications (e.g. CompTIA Sec+, C|ND, CEH, or any Globally renowned Certification) are a plus.
• 2- 4 years of total experience in SOC in a large multi-national organization or in a known MSSP. In addition to SOC Engineering experience, candidate should possess at least 1+ year of experience on EDR Security and Governance capabilities.