EDR/NDR Engineer

I.      PURPOSE

The EDR/NDR Engineer supports the development and refinement of Endpoint/Network Detection and Response under the guidance of the Optimization and Support Lead. He/she participates in client workshops, assists in gathering requirements, and gains hands-on experience in EDR/NDR processes. Additionally, he/she executes adjustments and refinements based on feedback, actively engages in learning opportunities, and collaborates with team members to ensure timely delivery of EDR/NDR initiatives.

II.     DUTIES AND RESPONSIBILITIES

General

• Accomplishes all assigned tasks by the management in a timely and effective manner as deemed necessary for the betterment of the organization.
• Follows effective and efficient processes and comply with escalation protocols.
• Contributes to the knowledge and information relevant to Systems and Platforms.
• Participates in activities promoting a harmonious working environment such as demonstrating trust and respect and practicing open communication.
• Complies with company policies, guidelines, standards, and procedures.
• Professionally represents Trends management; enriching client relationships and providing expertise, composure, and competence.
• Collaborates with team members in creating initial drafts of documentation, including specifications and optimization guidelines.
• Receives information from Technical Groups and Sales Group/s Solutions Architects.

Platform Support and Administration

• Implements updates and/or changes for EDR/NDR.

Availability Management

• Identifies and resolves availability incidents or performance degradation issues.
• Maintains and updates regular maintenance and updates of EDR/NDR to ensure stability and reliability.
• Performs routine maintenance activities, such as software updates, patches, and system configurations, under the guidance of the Optimization and Support Lead.
• Learns and applies availability management best practices and procedures to ensure the reliability and stability of EDR/NDR.
• Documents availability management processes and procedures, and in developing and maintaining use cases.

Service Catalog Management

• Maintains and updates entries in the service catalog following established procedures and guidelines.
• Promotes awareness of the service catalog among internal teams and stakeholders.

Service Level Management

• Follows key metrics defined in the Service Level Agreement (SLA).

Operational Level Management

• Follows key metrics defined in the Operational Level Agreement (OLA).
• Collects, analyzes data and identifies areas for improvement.
• Addresses performance issues and implements corrective actions.
• Adheres to set targets and Operational Level Agreements (OLA) with the internal customers.

Member of the Internal Change Advisory Board and Project Implementation Team

• Executes tasks and activities to support the implementation of approved changes and projects

Configuration Management

• Documents configurations for the EDR/NDR artifacts under the guidance of senior team members.

Provides 1st Level Support to internal customers.

• Responds to support tickets and inquiries in a timely manner.
• Performs basic troubleshooting and issue triage.

Access Management

• Receives information on the authorizations of users' right to access internal infrastructure, platforms, and technical security controls, while preventing access to non-authorized users.
• Executes policies defined in Information Security Management.

Incident Management

• Drafts Incident Report if applicable.
• Investigates and resolves incidents affecting Endpoint/Network Detection and Response.
• Tests and validates EDR/NDR to ensure functionality and effectiveness, helping to identify and address any issues or gaps in detection capabilities.
• Provides insight in post-incident reviews and analysis to help identify opportunities for process improvements and enhancements to EDR/NDR methodologies.

IT Asset Management

• Contributes to maximizing value, controlling costs, managing risks of assets to meet regulatory and contractual obligations of the Managed ICT Service.

IT Operations Management

• Implements all automated solutions.
• Continuous documentation of Endpoint/Network Detection and Response that has been improved/optimized.
• Optimize best practices for resource management and utilization.

Problem Management

• Implements corrective actions and preventive measures under the guidance of the Lead.
• Receives information on the causes of incidents on internal Endpoint/Network Detection and Response.

Process Management

• Receives information related to the enforcement, monitoring, measurement, and continual improvement on the process areas related to internal infrastructure, platforms, and technical security controls needed for Managed ICT Service delivery.

III.   QUALIFICATIONS

A.    Minimum Education

• Bachelor's degree in information systems, Information Technology (IT), Computer Science, Engineering, or other technical / IT field

B.    Minimum Experience/Training

• At least 1-2 years of working experience in the Information Security Engineering or underwent the MICTS Cadetship Program
• Familiarity with the following security solutions:

• EDR ( Crowdstrike, TrendMicro, Microsoft Sentinel, Rapid7, etc...)

• Familiarity with Mitre Attack framework

• Comfortable working on computer networking, information security, and understanding security threats based on different scenarios.
• Preferably but not required training and certification:
• ISMS LA
• ITIL Foundation
• CompTIA Security+
• CompTIA Network+
• CEH
• And other security solutions

IV.   WORKING CONDITIONS

• Reporting to the company's main office in Makati City on a hybrid work arrangement.
• Collaborate physically and/or virtually with internal and external stakeholders.
• May travel for face-to-face client meetings, company-sponsored conferences, and related marketing events.
• Attend training and acquire certifications that are applicable to the role.