Dear Candidates,

UST is looking for an EDR SME with at least 7 years of experience.

Required Experience: 7+ years
NP: Immediate to 30 days only
Location: Any UST location

Interested candidates can share their updated CV to bhoopathyraja.ravindran@

JD:

We are looking for a highly skilled and motivated L3 EDR Subject Matter Expert (SME) to join our Managed EDR (MEDR) team. The SME will play a key role in managing, optimizing, and evolving enterprise-grade EDR/XDR platforms across multiple client environments. This role demands strong technical expertise, analytical thinking, and a proactive approach to improving platform performance, automation, and service delivery.

Key Responsibilities:

Platform Administration & Optimization
- Own the administration, configuration, and tuning of EDR/XDR platforms (e.g., Microsoft Defender, Cybereason, SentinelOne, CrowdStrike).
- Maintain and optimize policies, exclusions, and performance baselines.
- Conduct regular platform health checks, upgrades, and patch validations.
- Manage multi-tenant or multi-client environments within SaaS/Hybrid EDR deployments.

Incident Support & Advanced Troubleshooting
- Serve as the highest escalation point (L3) for complex platform or endpoint issues.
- Collaborate with SOC teams during critical incidents for technical deep-dive analysis.
- Perform root cause analysis and provide platform-level remediations.

Automation & Operational Excellence
- Develop scripts or playbooks (PowerShell, Python, API integrations) to automate repetitive administrative tasks.
- Identify areas for process improvement to enhance the speed, efficiency, and reliability of the MEDR service.

Service Delivery & Client Support
- Work closely with client security teams and product owners for change management, onboarding, and continuous improvement.
- Create and maintain detailed operational documentation, SOPs, and configuration baselines.
- Provide technical inputs during service reviews and roadmap discussions.

Security Engineering & Continuous Improvement
- Contribute to EDR policy enhancements, integration with SIEM/SOAR tools, and telemetry enrichment.
- Research and test new EDR features, threat detection techniques, and best practices.
- Mentor L1/L2 analysts and guide them on advanced EDR operations.

Required Skills & Qualifications:
- Strong hands-on experience with Cybereason, Microsoft Defender for Endpoint, SentinelOne, CrowdStrike, or Cortex XDR (at least two mandatory).
- Deep understanding of endpoint security architecture, EDR telemetry, and threat hunting workflows.
- Experience in policy fine-tuning, device group management, automation (PowerShell, Python), and API-based integrations.
- Knowledge of Windows, macOS, and Linux endpoint internals and troubleshooting.
- Familiarity with MITRE ATT&CK, the incident lifecycle, and EDR-SIEM integrations.
- Excellent documentation, communication, and cross-functional collaboration skills.
- Strong analytical and problem-solving skills.
- Ownership mindset with the ability to operate independently.
- Mentorship and knowledge-sharing orientation.
- Continuous-learner attitude towards emerging EDR and XDR technologies.

Skills: SentinelOne, EDR, CrowdStrike, Cybereason
Job Title
EDR SME