Extensive experience in deploying, configuring, upgrading, and optimizing EDR platforms (e.g., CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, Carbon Black) across large and complex user/device environments.
Strong knowledge of endpoint integrations with enterprise security ecosystems, including directory services (AD/LDAP), SIEM platforms, log sources, APIs, and custom data connectors.
Proven ability to troubleshoot, diagnose, and resolve EDR performance issues, sensor health problems, endpoint telemetry gaps, and detection delays.
Deep understanding of threat detection engineering, incident response, threat hunting, and endpoint behaviour analytics, with experience defining detection rules, policies, and detection use cases.
Solid background in cybersecurity frameworks and concepts, including malware analysis fundamentals, behavioural detection models, MITRE ATT&CK, Zero Trust, and endpoint hardening standards.