Full-time

SOC / EDR Incident Handler - Level 2 (Microsoft Defender for Endpoint)

Posted by EMBARKGCC SERVICES PRIVATE LIMITED • Gurgaon, HR, India

📍 Gurgaon, HR 🕒 February 25, 2026

About the Role

Level 2 EDR Incident Handler responsible for owning endpoint investigations and executing incident response, serving as the primary escalation point from Level 1 within a SOC environment.

Primary Platform: Microsoft Defender for Endpoint (MDE)
Operating Model: SOC / 24/7 Shift-Based
Work Location: Mehrauli-Gurgaon Rd, Sikanderpur, Sector 26, Gurugram, Haryana 122002
Work Mode: All 5 days from office

Roles & Responsibilities:

- Perform secondary analysis and final validation of alerts escalated from Level 1, confirming true positives and closing verified false positives with appropriate documentation.
- Conduct in-depth endpoint investigations to analyse threat behaviour and determine scope and impact.
- Perform basic proactive threat hunting in MDE using KQL to identify related activity or missed indicators.
- Independently execute advanced endpoint response actions, including isolation, containment, and threat removal, based...
