Krish Services Group
Website:
krishservicesgroup.com
Job details:
Company Description
Founded in 2011, Krish Services Group is a global leader in software development and cloud solutions with a strong focus on empowering businesses in the digital age. With expertise in full-stack development and mastery of platforms such as .NET, Azure, AWS, and Google Cloud, the company offers tailored solutions for web and mobile applications, DevOps, and SharePoint/Office 365 integration. As a trusted partner to leading companies and SaaS providers, Krish Services Group specializes in cloud migrations, security enhancements, and performance optimization. The company's mission is to transform businesses with expert consulting, managed services, and innovative tools like Microsoft’s Power Platform.
Job description:
Company Description:
Krish is committed to helping its customers achieve their technology goals, treats customer success as its top priority, and focuses on building long-term, productive relationships. Krish’s goal of adding the best value to its customers through the right combination of technology, people, and cost is achieved through the experience and integrity of its consultants and its custom delivery processes.
About the Role
· The L3 Security Engineer will act as the highest escalation point for incidents related to Cortex XDR. The role involves advanced threat hunting, complex incident investigation, policy tuning, integration management, and strategic security improvements.
· Strong hands-on experience with Cortex XDR, plus a deep understanding of malware analysis, endpoint forensics, Windows/Linux internals, and network security fundamentals.
· Experience in scripting (PowerShell / Python) preferred.
· Knowledge of the MITRE ATT&CK framework.
· Experience handling P1/P2 incidents.
Advanced Incident Handling
· Act as L3 escalation point for critical and complex security incidents.
· Perform deep-dive forensic investigations using Cortex XDR.
· Analyze endpoint telemetry, network data, and behavioral analytics.
· Lead containment, eradication, and recovery actions.
Threat Hunting & Detection Engineering
· Conduct proactive threat hunting using the Cortex XDR query language (XQL).
· Develop and optimize custom detection rules.
· Identify gaps in detection coverage and improve visibility.
· Map detections to the MITRE ATT&CK framework.
Policy & Platform Management
· Fine-tune prevention policies (malware, exploit, behavioral threat protection).
· Manage exceptions, exclusions, and false-positive reduction.
· Upgrade agents and monitor endpoint health.
· Perform platform health checks and capacity planning.
Integration & Automation
· Integrate Cortex XDR with SIEM/SOAR tools.
· Automate response actions and playbooks.
· Support log forwarding and API integrations.
Root Cause Analysis & Reporting
· Perform RCA for major incidents.
· Provide executive-level incident summaries.
· Recommend security posture improvements.
Collaboration
· Work with L1/L2 SOC teams for knowledge transfer.
· Coordinate with IT, Network, and Infra teams during containment.
· Support audits and compliance requirements.
Preferred Certifications:
· Palo Alto Networks Certified Cybersecurity Professional (PCCP)
· Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA)