EDR Security Engineer

Introduction
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role you’ll be encouraged to challenge the norm investigate ideas outside of your role and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Your Role and Responsibilities
Develop configure and maintain EDR solutions tailored to client needs. – Perform daily operations including tool administration tuning malware quarantining and ensuring tool usefulness for security monitoring and incident response personnel. – Configure the EDR solution to monitor and block system/user actions as necessary based on client requirements. – Analyze tool output to optimize day-to-day security monitoring and support incident detection. – Offer expert advice and recommendations for improving security posture mitigating vulnerabilities and adhering to security standards. – Ensure EDR solution is configured/optimized in accordance with the latest threat intelligence. – Collaborate with internal& external stakeholders including client security teams to implement security

Required Technical and Professional Expertise
– Minimum 5 years of experience working with modern EDR solutions (CrowdStrike Sentinel One et. al.)
– Experience with EDR tools such as Trellix and CrowdStrike
– CISSP or equivalent certifications.
– Strong understanding of malware host-based security endpoint management EDR in the context of serverless/container environments management processes and security best practices.
– Ability to analyze complex security issues and provide appropriate solutions or recommendations.
– Strong communication skills both written and verbal with the ability to convey technical concepts to non-technical stakeholders.

Preferred Technical and Professional Expertise

• Experience working with FedRAMP (Federal Risk and Authorization Management Program) compliance standards.
• Familiarity with NIST (National Institute of Standards and Technology) guidelines including NIST SP 800-53 and NIST Cybersecurity Framework (CSF).
• Knowledge of other security frameworks such as CIS Controls or ISO 27001.