Endpoint Automation Staff Engineer
About the role
The Endpoint and Automation Security Engineer is responsible for designing, implementing, maintaining, and improving endpoint security technologies and security automation solutions across the enterprise environment. This role focuses on protecting organizational assets through endpoint detection and response (EDR), scripting, orchestration, and operational security automation.
Responsibilities
- Administer, maintain, and optimize endpoint security platforms including EDR/XDR, device control, and endpoint management solutions.
- Develop and maintain security automation workflows to improve detection, response, remediation, and operational efficiency.
- Create and support scripts and automation tools using PowerShell, Python, Bash, or similar languages.
- Monitor endpoint security alerts and collaborate with Security Operations teams during investigations and incident response activities.
- Implement endpoint hardening standards and security baselines for Windows, macOS, Linux, and mobile platforms.
- Support identity and access management initiatives related to endpoint security controls.
- Integrate endpoint security tooling with SIEM, ticketing, orchestration, and monitoring platforms.
- Participate in security assessments, audits, compliance initiatives, and remediation efforts.
- Troubleshoot and resolve complex endpoint security and automation issues.
- Create and maintain technical documentation, operational procedures, and knowledge base articles.
- Collaborate with cross-functional teams to support secure infrastructure and cloud initiatives.
Requirements
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field, or equivalent work experience.
- 3–5 years of experience in cybersecurity, endpoint engineering, systems administration, or security automation.
- Experience administering endpoint security platforms.
- Experience with scripting or automation using PowerShell, Python, Bash, or similar languages.
- Understanding of endpoint security principles, threat detection, malware defense, and incident response processes.
- Familiarity with Windows and Linux operating systems and enterprise endpoint management.
- Experience working with SIEM or security monitoring platforms.
- Knowledge of vulnerability management tools and remediation processes.
- Strong analytical, troubleshooting, and problem-solving skills.
- Ability to communicate technical concepts effectively to technical and non-technical audiences.
Qualifications
- Preferred: Familiarity with cloud security technologies in Azure, AWS, or Google Cloud.
- Preferred: Experience integrating APIs and security tooling.
- Preferred: Knowledge of Active Directory, Entra ID (Azure AD), and identity security concepts.
- Preferred: Experience with configuration management tools such as Ansible, SCCM, Intune, Jamf, or Puppet.
Skills
- Endpoint Detection and Response (EDR/XDR)
- Security Automation and Orchestration
- Powershell, Python, Bash
- API Integrations
- Endpoint Hardening
- Cloud Security Fundamentals
Benefits
Annual Salary: $110,000.00 - $230,000.00
The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate’s work experience, education and training, the work location as well as market and business considerations.
GEICO will consider sponsoring a new qualified applicant for employment authorization for this position.
The GEICO Pledge: Great Company, Great Culture, Great Rewards and Great Careers.