Job Closed
This listing is no longer active.
Utilising technology to enable UK organisations to innovate and transform. Outcome focused IT solutions and services.
Senior SOC Analyst
Location
United Kingdom
Posted
74 days ago
Salary
Not stated
Seniority
Senior
Job Description
Senior SOC Analyst
Phoenix Software Limited
• You’ll lead major security incidents from detection through remediation, coordinating containment, analysing attacker activity, and supporting clients through critical decision-making.
• You’ll proactively hunt for threats using advanced KQL analytics, enhance SIEM/EDR detections, tune rules, and develop signatures aligned to MITRE ATT&CK.
• You’ll perform malware triage and behavioural analysis, using reverse-engineering tools when needed to support investigations and strengthen detection coverage.
• You’ll produce clear, high-quality investigation reports, timelines, and intelligence summaries that translate technical findings for a range of audiences.
• You’ll contribute to SOC playbooks, mentor junior analysts, support onboarding of new customers, and help evolve SOC processes and tooling.
• You’ll participate in the 24×7 on-call rota to provide expert support during critical incidents.
Job Requirements
- A strong background in DFIR, SOC operations, or incident response
- Ability to lead complex investigations and high-severity security incidents
- Confident decision-maker who can guide clients through critical situations
- Strong communicator, able to translate technical findings for any audience
- Collaborative mindset with willingness to work closely across teams
- Ability to mentor junior analysts and support skill development
- Comfortable working in fast-paced, high-pressure environments
- Proactive approach to improving SOC processes, playbooks, and detection capabilities
More Security Operations Jobs
Senior SOC Analyst – L3
Treant
Treant is there in every phase of life: from the care of an unborn child to care in the final years.
• Act as the final escalation point for security incidents, conducting deep-dive investigations and forensic analysis.
• Develop, implement, and enhance security monitoring and threat-hunting processes.
• Lead incident response efforts, including containment, eradication, and recovery from security breaches.
• Conduct threat intelligence analysis and proactively identify emerging security threats.
• Tune and optimize security tools such as SIEM, IDS/IPS, endpoint protection, and vulnerability management solutions.
• Collaborate with internal teams and external vendors to improve security architecture and processes.
• Provide guidance and mentorship to L1 and L2 SOC analysts.
• Develop and maintain security policies, playbooks, and incident response procedures.
• Ensure compliance with industry regulations and security best practices.
• Conduct red teaming exercises and penetration testing simulations.
Junior SOC Analyst L1, L2
Treant
Treant is there in every phase of life: from the care of an unborn child to care in the final years.
• Monitor security alerts from SIEM, IDS/IPS, and endpoint security tools.
• Investigate and triage security incidents, escalating them as necessary to L2 and L3 analysts.
• Perform log analysis to detect anomalies and potential security breaches.
• Assist in vulnerability scanning and security assessments.
• Document incidents, findings, and recommendations in security reports.
• Collaborate with senior SOC analysts to enhance threat detection and response capabilities.
• Stay updated on emerging cybersecurity threats and trends.
• Support the development of security awareness training for employees.
• Continuously monitor cloud environments for potential security threats
• Analyze security alerts and logs to identify suspicious activities
• Lead response efforts during security incidents, including containment, eradication, and recovery
• Investigate security breaches and identify root causes
• Conduct post-incident analysis to suggest improvements
• Document security incidents and maintain detailed records
• Act on security incidents reported by customers or identified proactively
• Follow established security policies and procedures
• Monitor and maintain security systems such as firewalls, intrusion detection and prevention systems, and SIEM systems
• Implement security measures to prevent future incidents
• Stay up-to-date with the latest security trends and technologies
Security Operations Specialist – Endpoint Security
Iron Mountain
We protect, unlock, and extend the value of your information and assets throughout the entire lifecycle.
At Iron Mountain we know that work, when done well, makes a positive impact for our customers, our employees, and our planet. That’s why we need smart, committed people to join us. Whether you’re looking to start your career or make a change, talk to us and see how you can elevate the power of your work at Iron Mountain. We provide expert, sustainable solutions in records and information management, digital transformation services, data centers, asset lifecycle management, and fine art storage, handling, and logistics. We proudly partner every day with our 225,000 customers around the world to preserve their invaluable artifacts, extract more from their inventory, and protect their data privacy in innovative and socially responsible ways. Are you curious about being part of our growth story while evolving your skills in a culture that will welcome your unique contributions? If so, let's start the conversation.
Job Summary
Iron Mountain is seeking an experienced Security Operations Specialist – Endpoint Security to join our Global Information Security team. In this role, you will be responsible for maintaining operational excellence, ensuring high visibility, and strengthening the resilience of our enterprise endpoint security ecosystem. You will work hands-on with leading platforms, including CrowdStrike, Cyberhaven, Axonius, and Tenable, to protect our workforce, data, and infrastructure.
What You’ll Do
In this role, you will:
- Manage Endpoint Security Platforms: Oversee the day-to-day operations, deployment, configuration, and precise tuning of critical endpoint security tools, such as EDR and DLP.
- Drive Agent Health and Policy Compliance: Ensure full agent coverage, health, and policy compliance across global endpoints, collaborating with IT and Infrastructure teams to promptly address gaps like missing agents or unprotected systems.
- Lead Threat Detection and Response: Investigate high-priority endpoint alerts and threats, performing essential triage and driving timely containment and remediation activities.
- Validate Asset Visibility and Vulnerability Oversight: Utilize Axonius and Tenable to validate asset coverage, identify unmanaged devices, and actively support enterprise vulnerability remediation efforts.
- Generate Security Insights and Reporting: Produce insightful analysis from endpoint security data, translating complex findings into clear executive summaries and reports that measure our security posture and inform strategic decision-making.
- Automate and Enhance Security Workflows: Drive enhancements in security monitoring and response processes, recommending and implementing automation to increase efficiency and reduce manual intervention in security operations.
What You’ll Bring
The ideal candidate will have:
- 5–10 years of hands-on experience in Security Operations, Endpoint Security Engineering, or Incident Response.
- Strong knowledge of Endpoint Detection and Response (EDR), with a preference for CrowdStrike.
- Proven ability in security event analysis, root cause investigation, and remediation coordination.
- Direct hands-on experience with DLP (Cyberhaven a plus), Asset Intelligence Platforms (Axonius), and Vulnerability Scanners (Tenable).
- Understanding of diverse enterprise endpoint ecosystems, including Windows, macOS, and Linux.
- A Bachelor’s degree in Computer Science, Information Security, or a related field.
What We Offer
- Location: Remote, India
- Shifts: US EST Hours (8:00 a.m. – 5:00 p.m. EST)
Category: Information Technology