Security Delivery Lead
Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets).
Must have skills : Endpoint Extended Detection and Response
Good to have skills : NA
Minimum 7.5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary: The CrowdStrike EDR Lead is responsible for end-to-end management, optimization, and operational excellence of the CrowdStrike Falcon platform. This role oversees threat detection, response operations, platform administration, policy governance, and cross-team coordination to ensure robust endpoint security across the enterprise environment. Roles & Responsibilities: - Hands-on lead-level experience with CrowdStrike is mandatory. - Lead administration and configuration of CrowdStrike Falcon modules (Prevent, Insight, Device Control, Firewall - Manage sensor deployment, upgrades, health monitoring, and sensor coverage. - Maintain dashboards, alerts, watchlists, and detection rules. - Oversee tenant health, license utilization, and configuration baselines. - Lead investigation and triage of EDR alerts, detections, and incidents. - Perform deep-dive forensic analysis using Falcon Console, RTR (Real-Time Response), and IOC queries. - Conduct malware analysis, behavioral analysis, and correlation with threat intelligence. - Coordinate containment actions: isolation, killing processes, quarantine, registry modifications, and remediation workflows. - Provide guidance to SOC teams on handling medium/high severity alerts. - Continuously improve detection logic and identify gaps in coverage. - Build custom detection rules (IOCs, YARA rules, behavioral analytics). - Create, tune, and maintain prevention, detection, firewall, device control, and identity protection policies. - Ensure policies follow least privilege, Zero Trust, and business segmentation needs. - Perform periodic audits of configurations, exceptions, and exclusions. - Lead policy harmonization across business units, regions, and OS platforms. - Integrate CrowdStrike with SIEM, SOAR, ITSM, CMDB, IAM, and vulnerability platforms. - Automate response workflows using APIs, scripts, and SOAR integrations. - Support log forwarding, event streaming, and real-time monitoring use cases. - Serve as the escalation point for complex endpoint security incidents. - Partner with SOC, Threat Intel, Forensics, and IT operations teams for coordinated response. - Lead root cause analysis (RCA) and prepare actionable recommendations. - Assist during red team/purple team exercises using Falcon tools. - Generate periodic reports alert trends, sensor health, incident metrics, compliance status. - Support internal/external audits, regulatory compliance, and security assessments. - Maintain documentation for policies, procedures, SOPs, and detection logic. Professional & Technical Skills: - Must To Have Skills: Endpoint security & EDR technologies, Threat hunting using FQL, Incident response and malware analysis, OS internals (Windows, Linux, macOS). - Strong understanding of security frameworks and compliance standards. - Strong hands-on experience with CrowdStrike Falcon platform. - Ability to analyze security incidents and provide actionable insights. - Familiarity with MITRE ATT&CK, SIEM tools (Splunk, QRadar, Sentinel, etc.), API integrations and scripting (Python/PowerShell). - Understanding of enterprise IT infrastructure domain, networking, servers, cloud endpoints. - Strong leadership and team coordination abilities. - Excellent written and verbal communication. - Analytical and problem-solving mindset. - Ability to operate under pressure in high-priority incident scenarios. Additional Information: - The candidate should have minimum 10+ years of experience in cybersecurity with at least 3 5 years in EDR/endpoint security. - This position is based at our Gurugram office. - A 15 years full time education is required. - Hands-on lead-level experience with CrowdStrike Falcon is mandatory. - Preferred certifications: CrowdStrike CCFA, CCFR, CCFH, GCIA, GCFA, GCIH, or other IR/EDR certifications.
Gurugram
Equal Employment Opportunity Statement
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Please read Accenture’s Recruiting and Hiring Statement for more information on how we process your data during the Recruiting and Hiring process.
We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.
We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.
At Accenture, we see well-being holistically, supporting our people’s physical, mental, and financial health. We also provide opportunities to keep skills relevant through certifications, learning, and diverse work experiences. We’re proud to be consistently recognized as one of the World’s Best Workplaces™.
Join Accenture to work at the heart of change. Visit us at www.accenture.com.
We have been alerted to the existence of fraudulent messages asking job seekers to set up payment to cover various costs associated with establishing employment at Accenture. No one is ever required to pay for employment at Accenture. If you are contacted by someone asking for payment, please do not respond, and contact us at india.fc.check@accenture.com immediately.