We are looking for "Endpoint security - L3" for our Client in Jubail, Saudi Arabia.
Duration: 1 year extendable
Preference to on-board in 30 days
Must have a transferable Iqama or be a citizen
- 6-8 years of experience
- Symantec Antivirus - Endpoint Protection - SEP-L3 (Mandatory)
- Defender AV, Defender ATP, Email protection, malware protection, PaloAlto Traps Endpoint protection
- Ongoing false positive & negative fine-tuning of signatures.
- Fine-tuning the logging parameters towards the SIEM.
Endpoint Protection Profile Management.
- Enabling signatures, Protection Profiles, and Endpoint policies for the various target operating systems & applications (IOCs, hashes, URLs, IPs).
- Fine-tuning the signatures/Protection Profiles on an ongoing basis to avoid false positives
Endpoint/Server Signature Updates
- Managing all endpoints/servers using the endpoint console. Checking & enforcing updates on a daily basis.
- Coordination with OEMs/vendors for mitigating the threats related to new samples
- Remote Location Endpoints Hands and Feet Support in case the endpoint is reachable. (Wipro supports the endpoints via remote session tools)
- Upkeep of the APT solution. Monitoring of manual/automatic payload analysis (file sample/unknown threats submission).
- Coordination with Firewall/Proxy team for stopping any Call back attempts
- Submit malware samples (IOCs) and perform malware analysis in the APT systems
- Continuous monitoring of Web filter (URL Database) signature updates and AV updates from the principal vendor's source to keep track of all the updates (such as Current Version, Last update).
- Creating custom URL filters, Proxy Profiles as per requirement. Unknown categories list should be prepared and reported to proxy vendor with follow-up.
- Fine-tuning the URL database on a need basis.
- Day to day management of proxy cache.
- Generation of reports on proxy usage, violations, capacity reports