Company Description
A leading global commercial vehicle manufacturer specializing in trucks and buses, with a strong presence across North America, Europe, and Asia. The company is recognized for its engineering excellence, strong brand portfolio, and focus on delivering reliable and efficient transportation solutions at scale.
- Location: Bangalore
- Industry: Automotive
- Experience Range: 2–4 years
- Must-have Skills: Endpoint Detection & Response (EDR), Incident Response, Microsoft Defender for Endpoint, SIEM (Microsoft Sentinel), Windows Security
Job Summary
The Cyber SOC Endpoint Security Engineer is responsible for monitoring, analyzing, and responding to endpoint security incidents using Microsoft Defender for Endpoint and related Microsoft Defender tools. The role covers endpoint detection, investigation, containment, and remediation, while improving the organization's overall endpoint security posture and supporting day-to-day SOC operations.
Key Responsibilities
- Investigate and respond to endpoint security incidents through the full lifecycle (detection to closure).
- Monitor and analyze alerts from Microsoft Defender for Endpoint.
- Perform root cause analysis, impact assessment, and incident classification.
- Execute response actions such as device isolation, file quarantine, and threat containment.
- Escalate high-severity incidents with proper analysis and documentation.
- Analyze endpoint telemetry (processes, registry, files, network activity).
- Tune detection rules and reduce false positives.
- Support endpoint hardening and security control implementations.
- Collaborate with IT teams for patching, vulnerability remediation, and configuration.
- Maintain incident documentation and participate in post-incident reviews and root cause analysis (RCA).
- Provide guidance to L1/L2 SOC analysts and support audit/compliance activities.
Required Skills & Experience
- 2–4 years of experience in cybersecurity with endpoint security exposure.
- Hands-on experience with Microsoft Defender for Endpoint (mandatory).
- Knowledge of Microsoft 365 Defender (Defender for Office 365, Defender for Identity).
- Experience in endpoint detection and response (EDR).
- Familiarity with MITRE ATT&CK framework.
- Experience with SIEM tools like Microsoft Sentinel.
- Strong understanding of incident response lifecycle and SOC operations.
- Knowledge of Windows OS and endpoint security controls.
- Understanding of patching, vulnerability management, and endpoint lifecycle.
- Basic knowledge of networking concepts.
Preferred Qualifications
- Experience handling medium- to high-severity incidents.
- Exposure to threat intelligence and IOC-based investigations.
- Strong analytical and problem-solving skills.
Other Requirements
- Ability to work in a collaborative SOC environment.
- Strong documentation and communication skills.
- Willingness to continuously learn and adapt to evolving threats.