Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Endpoint Extended Detection and Response
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: experience in cybersecurity with at least 2 years in Ransomware Analysis security. The Halcyon Ransomware Protection is responsible for managing and optimizing the Halcyon anti-ransomware platform across the enterprise. This role focuses on ransomware detection, prevention, isolation, rollback operations, and integration of Halcyon with the existing cybersecurity ecosystem to strengthen organizational resilience against advanced ransomware threats.

Roles & Responsibilities:
- Deploy, configure, and maintain the Halcyon anti-ransomware agent across endpoints and servers.
- Monitor platform health, sensor coverage, and real-time protection status.
- Manage platform configurations, policy updates, signature updates, and agent upgrades.
- Ensure high availability and operational continuity of the Halcyon platform.
- Review Halcyon alerts, detections, and high-risk events for ransomware activity.
- Perform deep analysis on suspicious behaviors using Halcyon threat intel and behavioral telemetry.
- Lead containment actions: isolate systems, kill ransomware processes, and remove malicious artifacts.
- Execute Halcyon rollback and recovery procedures to restore encrypted files and system integrity.
- Work with SOC and IR teams for coordinated incident response.
- Hunt for early indicators of ransomware staging (persistence, privilege escalation, lateral movement).
- Utilize Halcyon's Threat Response Intelligence, behavioral indicators, and AI/ML insights.
- Identify gaps in ransomware defenses and propose improvements.
- Conduct post-incident forensics and malware behavior analysis.
- Design, implement, and tune ransomware protection policies to reduce false positives and enhance detection accuracy.
- Manage application allow/deny lists, behavioral analysis thresholds, and rollback rules.
- Maintain consistent policy governance across regions and business units.
- Integrate Halcyon with SIEM, SOAR, EDR, ITSM, and incident response platforms.
- Create automated playbooks for ransomware alerts, isolation workflows, ticketing, and remediation.
- Leverage APIs for automated deployment, alert enrichment, and reporting.
- Act as the L3 escalation for ransomware-related security events.
- Participate in tabletop exercises, red team/purple team scenarios focused on ransomware readiness.
- Provide guidance to SOC, IT Ops, and Endpoint teams on secure configuration and ransomware resilience.
- Generate reports on:
  - Attack attempts
  - Encryption prevention success rates
  - Rollback events
  - Sensor health and coverage
  - Ransomware trends and risk posture
- Support internal audits, compliance assessments, and customer due-diligence requests.
- Maintain documentation for policies, SOPs, configurations, and incident playbooks.

Professional & Technical Skills:
- Strong hands-on experience with Halcyon Ransomware Protection Platform (mandatory for lead-level roles).
- Expertise in ransomware behavior, attack chain, encryption techniques, and mitigation strategies.
- Experience with EDR/AV tools such as CrowdStrike, Defender ATP, SentinelOne, or Carbon Black.
- Strong understanding of:
  - Windows and Linux internals
  - MITRE ATT&CK (especially T1486, T1489, T1490)
  - Privilege escalation, lateral movement, persistence techniques
- Scripting knowledge (PowerShell or Python) for automation and investigations.
- Familiarity with SIEM/SOAR tools and incident response frameworks (NIST, SANS).
- Vendor-specific EDR/IR certifications

Additional Information:
- The candidate should have minimum 3 years of experience in Endpoint Extended Detection and Response.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.