(L2 -L3) EDR Administration & Support Engineer

Basic Purpose

We are looking for an experienced L2 -L3 Security Operations
& Support Engineer with strong hands -on expertise in Endpoint Security,
EDR/XDR, and Privileged Access Management (PAM) technologies to manage advanced
administration, escalations, troubleshooting, optimization, and operational
support activities for enterprise security environments.

The engineer will work closely with SOC, Infrastructure,
Cloud, Audit, OEM TAC, and Security teams to strengthen endpoint security
posture, improve operational efficiency, and support critical incident response
activities.

The role includes advanced troubleshooting, policy
governance, threat investigation, product upgrades, integrations, and security
operations support across enterprise environments.

Primary Skills Required

Endpoint Security / EDR

Hands -on experience with:

• Trend Micro Deep Security
  
• Trellix Endpoint Security / EDR
  
• SentinelOne Singularity Platform / EDR
  

Experience in:

• Endpoint Protection (EPP) and Endpoint Detection & Response (EDR/XDR)
  
• Antivirus / Anti -malware operations
  
• Alert monitoring, analysis, and incident triaging
  
• Agent deployment, upgrade, and troubleshooting
  
• Policy management, tuning, and configuration
  
• Endpoint health monitoring and compliance management
  
• Server and endpoint security administration
  
• File Integrity Monitoring (FIM)
  

L3 Advanced Skills:

• Threat hunting and malware investigation
  
• Root Cause Analysis (RCA)
  
• Advanced incident investigation and response handling
  
• Security architecture optimization
  

Privileged Access Management (PAM)

Hands -on experience with:

• ARCON PAM
  

Experience in:

• Privileged access lifecycle management
  
• Password vaulting and rotation
  
• Privileged session monitoring and auditing
  
• Access governance and workflows
  
• MFA integration
  
• Privileged account onboarding and management
  

Good to Have Skills

• NAC exposure (preferably Aruba ClearPass)
  
• SIEM / SOC operational knowledge
  
• Cloud security exposure (AWS / Azure)
  
• Vulnerability management and patching concepts
  
• Threat intelligence and security automation
  
• Basic scripting (PowerShell / Python)
  
• ServiceNow and ITIL process knowledge
  

Roles & Responsibilities

L2 Responsibilities

• Handle security alerts, incidents, and escalations from L1 teams
  
• Perform routine troubleshooting for agent, policy, and communication issues
  
• Support endpoint agent deployment, upgrades, and maintenance
  
• Assist in policy tuning and configuration updates
  
• Monitor endpoint health and compliance status
  
• Follow SOPs and maintain operational documentation
  

L3 Responsibilities

• Lead resolution of critical and high -severity security incidents.
  
• Perform advanced threat investigation and malware analysis
  
• Conduct Root Cause Analysis (RCA) for complex issues
  
• Design, optimize, and govern endpoint security and PAM policies
  
• Lead upgrades, migrations, onboarding, and platform enhancements
  
• Provide technical mentorship to L1/L2 engineers
  
• Drive automation, optimization, and security improvements
  
• Own SOPs, run books, and architecture -level documentation
  
• Coordinate with OEM/vendor TAC for critical escalations
  
• Support audit, compliance, and governance activities
  

Preferred Candidate Profile

• Strong analytical and troubleshooting skills
  
• Excellent communication and stakeholder management abilities
  
• Experience in enterprise production security environments
  
• Strong understanding of cybersecurity architecture and operations
  
• Ability to handle complex incidents independently (L3 expectation)
  

Requirements

Note: Joining Immediate or within 1 month.