Enterprise Analyst-Sentinel

What success looks like in this role:

Security Analyst with 4+ to 7 years of relevant experience having in-depth knowledge of Endpoint Security Operations and day to day activities. Excellent in incident, Problem and Change management. Hands on remediation of non-compliant devices, Action on left alone infected devices, Health check. Should have through knowledge on AV tools i.e. designing policies and tuning them, developing rules.
The Candidate should have good knowledge on dealing with virus outbreak and remediation. Should be good with excel and reporting. Need good analytical skills. Should develop trending based on reports.

Role Description:

• Will own escalations from field ops and SD via Incident tickets only.
• Will provide 24x7 support. Monitor the console and perform daily health checks. Will also own /assign tickets to themselves. Perform monitoring on the mailboxes and respond to them.
• Notify SPOC on any issue which couldn’t be addressed by them.
• Perform proactive remediation on non-compliant devices. NC devices will be uploaded by SPOCs on weekly basis to KPI portal. Open/act on tickets for NC & infected devices.
• Will be available on call and respond to hotlines.
• Update all the operational documents. Maintain a knowledge base for all issues.
• Will initiate CR and implement.
• Will work on problem resolution and outbreak management. Will identify opportunity for CSIP and work towards them. Will work on Ulean ideas and implement them in their accounts.
• Engineering work and RCA data owner – will be a liaison for other towers, domains like – ESD, Packaging, Imaging, Network, AD, DBA, Firewall, SOC teams.
• Will be available on call and respond to hotline.
• Manage incident requests and engineering activities for respective clients.
• Act as client interface between off site activities and staff.
• Support one or more technologies
• 100% Client Delivery focused.
• Team members will adhere the objectivities assigned to them in ESS.
• Time booking to right charge codes on actuals.

Technical Knowledge (2 or more technology in-depth knowledge for all the headers)
Total Security Protection(Antivirus/Anti-Malware, Endpoint Detection & Response, Personal Firewall/ Host Intrusion Prevention System, Hard Disk Encryption, Data Loss/Leakage prevention, Access Protection, Erasure Management, Vulnerability Management, Network Access Controls, Application and Device Control, AV for Servers)

#LI-UG1

You will be successful in this role if you have:

• University degree or equivalent education and experience • Minimum of 3 years

Must have work experience on any two tools among below –

Crowd Strike, Carbon Black, Sentinel one, Netscope, Microsoft Defender – EDR

Symantec Endpoint Protection 14, Symantec DLP, Symantec Cloud
McAfee / Trelix Total Protection for Endpoint Total Protection for Endpoint – ePO, Agent, VSE, HIPS, DLP, EEPC VShield, SVA,Trelix Endpoint Security

Encryption – Bit locker, MBAM

Access Control – Avecto

Application Control – Solid Core, McAfee Application Control

Avecto Defendpoint – Application Control, Privilege Management and Solid core

Trend Micro – OSCE, TMCM, Deep Security

Kaspersky Endpoint Security

Microsoft SCEP

Symantec/McAfee NAC
Certifications:
Certification on ITIL Foundation, Symantec Endpoint Protection and/or McAfee Total Protection for Endpoint. Certification on CISSP, CISA, PMP, Prince2 would be added advantage.
Communication & Documentation:-
Excellent communication (Written & Verbal), customer handling skills & Documentation skills.

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.

This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4).  US job seekers can find more information about Unisys’  EEO commitment here.