Job Description:
• Deploy, configure, and maintain Carbon Black and Symantec endpoint agents across enterprise environments.
• Design and implement policies, rules, and profiles to protect endpoints while minimizing business disruption.
• Participate in endpoint security architecture discussions and contribute to baselines and hardening guides.
• Monitor and manage alerts, detections, and events from Carbon Black and Symantec consoles.
• Tune policies and signatures to reduce false positives while maintaining strong coverage.
• Support agent health, troubleshooting installation issues, connectivity, and upgrade cycles.
• Assist in triage, investigation, and containment of endpoint security incidents.
• Collect and analyze endpoint telemetry using Carbon Black and Symantec tools.
• Collaborate with SOC, IT, and engineering teams to coordinate deployments and operations.
• Maintain runbooks, SOPs, and technical documentation.
• Align endpoint controls to security policies and compliance frameworks.
Requirements:
• 3–5 years of experience in information security or endpoint engineering.
• 2+ year hands-on experience administering VMware Carbon Black (App Control, EDR, Cloud).
• 2+ year hands-on experience with Symantec endpoint products (SEP, SES, Symantec EDR).
• Understanding of endpoint security concepts such as malware, exploits, and lateral movement.
• Practical knowledge of Windows, macOS, and/or Linux internals.
• Familiarity with SIEM/SOC workflows and alert development.
• Strong troubleshooting and documentation skills.
• Strong written and verbal communication abilities.
• Experience in medium-to-large enterprise environments.
• Familiarity with NIST CSF, ISO27001, CIS Controls, or similar frameworks.
• PowerShell, Python, or Bash scripting experience.
• Experience integrating endpoint tools with SIEM platforms.
• Relevant certifications (Carbon Black, Symantec, Security+, CySA+, GSEC, etc.).
Benefits:
Apply Now
Apply Now