IF

Senior Security Engineer – EDR & Malware Defence

Accepting applications

IDFC FIRST Bank · Navi Mumbai, Maharashtra, India

Full-Time Principal PythonSOC
Estimated market salary
₹24-44 LPA

This is a SiliconBoard market estimate, not an employer-posted salary.

Posted
4d ago
Category
Design
Experience
Principal
Country
India
Job Requirements

Role/Job Title

Senior Infra Security Engineer

(Endpoint & Malware Defence)

Experience: 10+ years Employment Type: Full-time

Job Purpose:

IDFC FIRST Bank is seeking a Senior Security Engineer to own and enhance its Endpoint Detection & Response (EDR/XDR) capability. This role focuses on endpoint threat detection, behavioural analysis, threat hunting, and incident response, ensuring rapid identification, containment, and remediation of endpoint-based attacks across the enterprise.

Key Responsibilities:

EDR & Endpoint Security Engineering:

Own the design, deployment, tuning, and lifecycle management of EDR/XDR platforms (SentinelOne, CrowdStrike, Microsoft Defender for Endpoint).
Optimize detection policies, exclusions, response actions, and telemetry collection to balance security efficacy and operational stability.
Ensure endpoint protection coverage across Windows, Linux, and VDI environments.

Threat Detection, Hunting & Response:

Investigate and triage EDR alerts using behavioural analytics and threat intelligence.
Perform hypothesis-driven threat hunting leveraging MITRE ATT&CK techniques and endpoint telemetry.
Identify malicious activity including malware, living-off-the-land attacks, credential abuse, and persistence mechanisms.
Lead containment, eradication, and recovery actions in coordination with SOC and Incident Response teams.

Detection Engineering & Automation:

Develop, tune, and validate detection logic, alert use-cases, and response workflows.
Integrate EDR telemetry with SIEM and SOAR platforms to enable automated enrichment and response.
Continuously improve detection fidelity and reduce false positives through data-driven analysis.

Malware & Forensics Support

Conduct root cause analysis for endpoint-based incidents.
Support malware analysis efforts through behavioural investigation and forensic artifact analysis (without mandatory reverse engineering).
Contribute to post-incident reviews and control improvements.

Governance & Continuous Improvement

Maintain playbooks, SOPs, and investigation documentation.
Track emerging endpoint threats, attack techniques, and EDR advancements.
Provide recommendations to improve endpoint security posture, policies, and controls.

Mandatory Skills

Hands-on experience with EDR/XDR platforms (SentinelOne, CrowdStrike, Microsoft Defender for Endpoint).
Strong understanding of endpoint attack techniques, malware behaviour, and adversary TTPs.
Experience with MITRE ATT&CK, threat intelligence, and behavioural analytics.
Working knowledge of SIEM integration and alert triage workflows.
OS-level understanding of Windows and Linux endpoints.
Exposure to endpoint-related security controls (DLP, device control, application control).

Good to Have

Threat hunting experience using endpoint telemetry.
Scripting or automation skills (PowerShell, Python).
SOAR exposure.
Vendor certifications (SentinelOne, Microsoft Security, CrowdStrike).

Experience & Education

Minimum 5 years of experience in endpoint security, EDR, SOC, or detection engineering roles.

Bachelor’s degree in Engineering / Computer Science (Master’s preferred).
Show more Show less