Qureos


Security Delivery Consultant- SOC-IR L2 / EDR / NDR

Job Summary

We are seeking a highly skilled Security Delivery Consultant with strong experience in Security Operations Center (SOC) environments, particularly in Incident Response (L2), EDR, NDR, and SIEM operations.

The ideal candidate will play a key role in cybersecurity monitoring, incident investigation, threat detection, and response, while contributing to the development and enhancement of SOC processes, tools, and policies.


Key Responsibilities

SOC Operations & Incident Response

  • Execute and support incident response activities (L2 level), including detection, analysis, containment, and remediation.
  • Develop and maintain incident response plans, SOC policies, procedures, and playbooks.
  • Analyze security events and provide actionable guidance to team members.
  • Provide on-call support outside business hours when required.

SIEM & Threat Detection

  • Work closely with SIEM engineers to develop, fine-tune, and optimize correlation rules.
  • Monitor and analyze logs and alerts from multiple security tools.
  • Create custom detection use cases and correlation rules.

EDR (Endpoint Detection & Response) Administration

  • Deploy, upgrade, and maintain EDR agents across Windows, macOS, and Linux environments.
  • Monitor agent health and troubleshoot reporting issues.
  • Develop and manage EDR policies and configurations.
  • Integrate EDR solutions with SIEM and other security platforms.

NDR (Network Detection & Response) Administration

  • Administer and maintain NDR solutions.
  • Develop and manage NDR policies and configurations.
  • Integrate NDR with SIEM and other cybersecurity tools.

Security Tools & Vulnerability Management

  • Work with tools such as Tenable (Vulnerability Management).
  • Manage support tickets and coordinate with vendors for issue resolution.
  • Periodically review EDR/NDR configurations and propose improvements.

Reporting & Communication

  • Produce cyber intelligence and incident reports for both technical and non-technical stakeholders.
  • Clearly communicate cybersecurity risks and findings to business users and senior management.

Leadership & Coordination

  • Lead and support SOC team activities.
  • Ensure adherence to security standards and best practices.
  • Collaborate with cross-functional teams to strengthen overall security posture.


Requirements

  • Minimum 5 years of experience in cybersecurity, preferably in SOC environments.
  • Strong hands-on experience in:
      • Incident Response (IR L2)
      • EDR & NDR technologies
      • SIEM platforms
      • Vulnerability Management (Tenable)
  • Proven experience in security event analysis, threat detection, and incident handling.
  • Strong analytical, organizational, and leadership skills.
  • Excellent written and verbal communication skills.


Preferred Certifications

  • GIAC GCIH (Incident Handler)
  • GIAC GMON (Continuous Monitoring)
  • GIAC GCFA (Forensic Analyst)
  • Or equivalent cybersecurity certifications


Mandatory / Critical Skills (Must-Have)

  • Incident Response (L2)
  • EDR Administration
  • NDR Administration
  • SIEM Operations
  • Tenable / Vulnerability Management

© 2026 Qureos. All rights reserved.