Threat Detection and Response Analyst

Job Overview We are seeking a skilled EDR Analyst (Trellix) with hands-on experience in managing and securing large enterprise environments. The ideal candidate should have strong expertise in Endpoint Detection & Response (EDR), Next-Generation Antivirus (NGAV), Threat Hunting, and Endpoint Protection technologies. The role requires deep technical knowledge, strong analytical abilities, and the capability to manage and troubleshoot security solutions deployed across 10,000+ endpoints . The analyst will operate as both L1 and L2 , ensuring proactive threat detection, rapid incident response, and smooth functioning of the organization's endpoint security framework.

Key Responsibilities

Implement, manage, and support Trellix Endpoint Protection and EDR solutions across large-scale enterprise setups (10,000+ endpoints).

Perform continuous monitoring, incident triage, and threat hunting using EDR tools.

Troubleshoot and resolve issues related to Next-Gen AV, EDR, and Endpoint Security platforms .

Analyze alerts, investigate suspicious activities, and provide actionable recommendations.

Work closely with SOC teams to support incident response and forensic activities.

Ensure compliance with organizational security policies and industry best practices.

Serve as SME (Subject Matter Expert) with complete technical understanding of the EDR product used, as outlined in the tender.

Maintain updated product knowledge and oversee health, performance, and updates of endpoint agents.

Generate reports, document incidents, and support continuous security improvement initiatives.

Required Skills & Expertise

Proven hands-on experience with Trellix EDR / Endpoint Protection in large deployments (10K+ endpoints).

Strong understanding of :

Endpoint Security (Next-Gen AV + EDR)

Threat Intelligence Feeds

Threat Hunting methodologies

Digital Forensics fundamentals

Excellent troubleshooting skills specifically on End Point Security (Next-Gen AV + EDR) solutions.

Ability to analyze threats, behaviors, and attack patterns.

Familiarity with real-time monitoring dashboards, EDR telemetry, and IOC / IOA analysis.

Good communication and documentation skills.

Ability to function effectively as both L1 and L2 analyst .

Qualifications

Bachelor’s degree in Computer Science, IT, Cybersecurity, or relevant field (preferred).

Mandatory :

Certification from any reputed Endpoint Protection / EDR / Next-Gen Antivirus OEM (e.G., Trellix, CrowdStrike, SentinelOne, Sophos, etc.).

Certification must be valid and not older than 6 months .

2–6 years of experience working in Endpoint Security / EDR operational roles.