EDR Specialist

    3 - 5 Years
    1 Opening
    Hyderabad


Role description

Role Summary

We are looking for an experienced EDR Specialist with strong hands-on expertise in EDR/XDR platform administration and operations across multiple tools such as CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint (MDE), Palo Alto Cortex XDR, and Kaspersky. The role focuses on platform management, operational excellence, and enabling SOC teams to effectively detect, investigate, and respond to threats.

Key Responsibilities

EDR/XDR Platform Administration (80%)

  • Administer and manage EDR/XDR platforms such as CrowdStrike (this is a must-have), SentinelOne, Defender for Endpoint, Cortex XDR, and Kaspersky
  • Manage full agent lifecycle including deployment, upgrades, troubleshooting, and decommissioning
  • Perform proactive threat hunting
  • Build custom detection rules that improve on the platform's out-of-the-box detections for the customer
  • Configure endpoint security policies, exclusions, prevention controls, and response actions
  • Experience with the identity, device, and firewall modules of EDR platforms
  • Manage RBAC, user access, device groups, tags, and organizational structure
  • Perform continuous health monitoring of agents and platforms to ensure optimal coverage and performance

Operational & Incident Support

  • Execute remote response actions such as host isolation, process termination, and file quarantine
  • Coordinate with IT and endpoint teams for remediation and recovery activities
  • Maintain incident documentation, evidence, and audit trails

Integrations & Ecosystem Management

  • Integrate EDR/XDR platforms with SIEM and SOAR solutions
  • Maintain and troubleshoot APIs, connectors, and data ingestion pipelines
  • Collaborate with identity, email security, and vulnerability management teams

Compliance, Reporting & Governance

  • Develop and maintain coverage, health, and compliance reports
  • Support audits by providing configuration evidence and operational documentation
  • Ensure adherence to organizational security and compliance standards

Required Skills & Experience

  • Hands-on experience as an EDR/XDR Administrator in enterprise environments
  • Strong experience with at least two EDR tools: CrowdStrike (this is a must), SentinelOne, MDE, Cortex XDR, or Kaspersky
  • Good understanding of endpoint operating systems: Windows, Linux, and macOS
  • Experience with SIEM integrations and SOC operational workflows
  • Strong troubleshooting, documentation, and communication skills

Nice-to-Have Skills

  • Scripting experience with PowerShell or Python
  • Familiarity with MITRE ATT&CK framework
  • Experience with cloud workload protection or XDR modules
  • Relevant security certifications (Microsoft, CrowdStrike, SentinelOne, Palo Alto)
  • Experience with any of the leading DLP solutions

Skills

endpoint detection and response, endpoint security, MITRE ATT&CK, SentinelOne, incident response


About UST

UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.