Administer and maintain Trend Micro Vision One (XDR) in a production environment (WITO)
Ensure availability, performance, and integrity of the platform and its modules
Configure and maintain policies, detection rules, and Detection Models
Manage onboarding of new clients to the platform: connectors, sensors, and integrations
Perform continuous alert tuning to reduce false positives
Maintain updates, patches, and security configurations for the tool
Document procedures, runbooks, and the technical knowledge base
Support the SOC team with alert analysis and detection adjustments when required
Produce platform health reports and performance indicators

Proven experience with Trend Micro Vision One (XDR)
Knowledge of the following modules: Endpoint Security, Network Detection, Email Security, and Cloud Security
Ability to configure and tune Detection Models, policies, and security rules
Experience onboarding endpoints, servers, and log integrations to the platform
Basic knowledge of Windows and Linux to support agents and sensors
Technical English for reading official documentation and release notes
Trend Micro certification (TMCSP or XDR Operations track)
Experience with Vision One APIs for automation and integration
Familiarity with other EDR/XDR solutions such as CrowdStrike, Microsoft Defender XDR, or SentinelOne
Basic understanding of SIEM and event correlation (QRadar, Splunk, or similar)
Knowledge of cloud platforms (AWS, Azure, or GCP) for integration of cloud-native events
Degree in IT, Networks, Information Security, or a related field

Information Security Analyst – Trend Micro Vision One, XDR

Key skills