Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.
We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.
We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, as an EDR Consultant.
Take a look at our website here to learn more about why we're one of the leading global Cyber Security and Risk Mitigation businesses: https://www.nccgroup.com/uk/
The Opportunity
An opportunity has arisen for an experienced network security enthusiast to specialize in a new role based around Endpoint Detection and Response (EDR) technologies, principles and services.
The Challenge
EDR falls under the banner of the wider Managed Detection and Response (MDR) framework. The candidate will act as the internal SME for all things endpoint and will work with the other MDR teams to integrate EDR products and services into the MDR ecosystem. Our MDR offering provides our clients with world-leading managed service capabilities built around detecting and responding to security threats and cyber-attacks, using in-house custom-built detection logic and tooling alongside best-of-breed established toolsets to ensure our clients are in safe hands.
Essential Skills
- Familiar with Endpoint Detection and Response (EDR) tooling such as Carbon Black / Defender ATP or other endpoint products
- Familiar with concepts such as IDS/IPS and Indicators of compromise
- Familiar with threat intelligence feeds such as the MITRE ATT&CK Framework and threat-hunting concepts
- Familiar with Windows / Linux operating systems including servers and end user devices
- Familiar with concepts around device hardening and rolling out software centrally using tools such as GPO/SCCM/Puppet/Intune
- Vulnerability scanning and privilege access management
- Familiar with Cloud environments such as AWS and Azure
- Familiar with SIEM tooling such as Splunk or LogRhythm
- Familiar with incident management and change management processes
As an added bonus it would be great if you have exposure to the list below, but this is by no means essential. Your passion and enthusiasm for your role are more important to us.
Nice to have skills such as:
- Experience with multiple firewall vendors such as Cisco, Fortinet, Palo Alto or Check Point
- Familiar with general switching/routing/firewalling concepts and network security in general, including authentication methods
- Familiar with concepts around single sign-on or experience configuring web proxies (e.g. Websense/Bluecoat)
About your application
- Strong verbal and written skills
- Experience working with vendors and key stakeholders
- Experience working with client stakeholders to design and implement endpoint solutions
- Experience creating design documents such as High-Level Design (HLD) and Low-Level Design (LLD)
We review every application received and will get in touch if your skills and experience match what we're looking for. If you don't hear back from us within 10 days please don't be too disappointed - we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.