Location: Dubai, Customer Onsite
Mode of work: Work from office (Daily)
Required skillset:
- 6 to 8 years of proven hands-on experience with SentinelOne EDR (installation, agent deployment, configuration, monitoring, and troubleshooting)
- Hands-on expertise with Palo Alto Cortex XDR, including investigation and response workflows.
- Solid understanding and experience in EDR, NDR, and XDR concepts and architectures.
- Experience in malware detection, threat hunting, and incident response
- Ability to create and tune detection rules, policies, and automated responses
- Familiarity with integrating SentinelOne with:
  - Firewalls, SIEM, SOAR, and threat intelligence feeds (e.g., Rapid7, QRadar, LogRhythm), including EDR/XDR integration experience
  - SIEM/SOAR tools, ticketing systems, and threat intelligence feeds
- Good understanding of Windows, Linux, and macOS endpoint environments
- Basic scripting knowledge (e.g., PowerShell, Python) is a plus
- Experience in malware analysis, the MITRE ATT&CK framework, and threat lifecycle management.
- Familiarity with Windows, Linux, and macOS endpoint environments.
- Strong communication skills and the ability to work effectively with internal teams and external vendors
- Willing to work at the client location (onsite)
Roles and Responsibilities:
Platform Installation, Administration & Maintenance
- Administer, configure, and maintain the SentinelOne EDR and Palo Alto Cortex platforms across multiple enterprise endpoints.
- Ensure all endpoints are properly on-boarded and reporting to the management console.
- Manage policy configurations, device groups, and automation rules.
Threat Monitoring & Response
- Monitor real-time alerts and incidents generated by SentinelOne.
- Monitor EPO, network, NGFW, identity, and cloud telemetry through PA Cortex.
- Monitor for advanced threats such as fileless attacks, lateral movement, and privilege escalation.
- Perform triage, initial investigation, and containment of endpoint security threats.
- Collaborate with SOC and Incident Response teams to escalate and resolve complex threats.
Reporting & Compliance
- Generate weekly and monthly reports on endpoint threat activity, coverage, and response status.
- Ensure compliance with internal security policies and external regulatory requirements.
- Provide audit and compliance support by maintaining accurate logs and documentation.
Integration & Optimization
- Integrate SentinelOne with other security tools (SIEM, SOAR, ticketing systems, etc.).
- Optimize policies, automation rules, and detection capabilities to reduce false positives.
- Stay updated with the latest SentinelOne features and threat intelligence.
Support & Troubleshooting
- Serve as the primary point of contact for EDR-related issues and support.
- Troubleshoot agent deployment and communication issues on various platforms (Windows, macOS, Linux).
- Coordinate with SentinelOne support for issue escalation and resolution.
Tools & Technology Experience
- SentinelOne
- Palo Alto Cortex
Note: Any additional skill set is an advantage
Educational Qualifications:
- Bachelor's degree in Computer Science / Engineering, or equivalent advanced industry certifications
- Additionally, product certification in the above solutions
- Certification Eligibility: certification is mandatory in the Tools & Technology category