EDR Specialist
Experience: 5 to 9 years
Location: Bangalore/Hyderabad/Chennai/Pune/Kochi/Trivandrum
Job Summary
We are seeking a highly skilled and experienced Endpoint Detection and Response (EDR) Specialist to join our cybersecurity operations team. The ideal candidate will possess SME-level expertise in at least two leading EDR platforms—Microsoft Defender, CrowdStrike, or SentinelOne—and demonstrate strong operational, analytical, and troubleshooting capabilities across Windows and Linux environments. This role demands a proactive problem-solver who can guide customers in optimizing their EDR deployments, automate operational tasks, and ensure robust endpoint security.
Key Responsibilities
- Provide expert-level guidance on the deployment, integration, and maintenance of EDR solutions (Defender, CrowdStrike, SentinelOne).
- Deliver clear, actionable advice to customers to improve their EDR posture and maximize solution effectiveness.
- Support EDR applications from an operational standpoint, ensuring high availability and performance across all endpoints (servers, desktops, laptops).
- Troubleshoot and resolve low-level OS and network issues in Windows Server and Workstation environments.
- Deploy, configure, and maintain EDR sensors on Linux machines; collect and analyze logs to investigate security incidents.
- Manage and maintain ITIL-based change management processes:
  - Schedule and coordinate change requests.
  - Communicate change preparation guidelines to internal stakeholders.
  - Ensure successful implementation and post-change review for effectiveness.
  - Define and maintain a list of pre-authorized changes.
- Adapt communication style to suit various customer profiles and channels (email, calls, meetings).
- Utilize scripting languages (e.g., PowerShell, Python, Bash) to automate reporting, system management, and software deployment tasks.
- Collaborate with cross-functional teams to continuously improve cybersecurity operations and automation workflows.
Required Skills & Qualifications
- SME-level proficiency in at least two EDR platforms: Microsoft Defender, CrowdStrike, SentinelOne.
- Strong hands-on experience in both Windows and Linux environments.
- Proven ability to troubleshoot OS-level and network-related issues.
- Solid understanding of ITIL processes and change management best practices.
- Proficiency in at least one scripting language (PowerShell, Python, Bash, etc.).
- Excellent communication and interpersonal skills with the ability to tailor messaging to diverse audiences.
- Experience in automating manual tasks and generating operational reports.
- Ability to work independently and collaboratively in a fast-paced environment.
Preferred Qualifications
- Relevant certifications (e.g., CrowdStrike Certified Falcon Administrator, Microsoft SC-200, SentinelOne Ranger).
- ITIL Foundation Certification.
- Experience in cybersecurity incident response and threat hunting.