Jobs · Information Technology · New York

Senior Endpoint Security Engineer

Con Edison · New York, NY · 6 days ago
On-siteInformation TechnologyOther

Responsibilities

  • Engineer, implement, administer, and continuously improve enterprise endpoint security platforms across workstations, servers, and operational technology endpoint environments.
  • Manage endpoint protection, endpoint detection and response, anti-malware, device control, and related endpoint security controls to reduce cyber risk.
  • Assess, test, pilot, deploy, and operationalize new endpoint security technologies in alignment with enterprise standards, architecture requirements, and business needs.
  • Develop and maintain endpoint security configurations, policies, exclusions, baselines, and deployment standards to support secure and reliable operations.
  • Monitor endpoint security health, coverage, compliance, and control effectiveness; identify gaps and drive remediation with responsible support teams.
  • Partner with desktop, server, infrastructure, operations, and cyber defense teams to support endpoint deployments, upgrades, troubleshooting, and incident response activities.
  • Integrate endpoint telemetry and security events with monitoring, SIEM, and incident response processes to improve detection, investigation, and response capabilities.
  • Perform threat hunting and detection engineering activities using endpoint telemetry, SIEM data, threat intelligence, and attacker behavior patterns to identify suspicious activity, develop detections, and improve cyber defense capabilities.
  • Automate endpoint security administration, reporting, deployment validation, and remediation workflows using scripting and enterprise management tools where appropriate.
  • Support vulnerability, configuration, and patch-related endpoint security initiatives by validating control effectiveness and coordinating remediation activities.
  • Create and maintain technical documentation, operational procedures, implementation plans, and support materials for endpoint security solutions.
  • Collaborate with risk, architecture, procurement, and business stakeholders to evaluate endpoint security capabilities, document requirements, and recommend fit-for-purpose solutions.
  • Stay current on endpoint threat trends, attacker techniques, platform capabilities, and security best practices to continuously improve endpoint protection strategy and operations.

Qualifications

  • Master's Degree and with 2 years of relevant experience IT or Information security or
  • Bachelor's Degree and with 3 years of relevant experience IT or Information security or
  • Associate's Degree and with 5 years of relevant experience IT or Information security or
  • High School Diploma/GED and with 6 years of relevant experience IT or Information security.
  • Master's Degree Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology and 2 years in Information security or Network Security in a senior technical role and experience engineering, implementing, administering, or supporting endpoint security technologies such as antivirus/anti-malware (AV), endpoint detection and response (EDR), extended detection and response (XDR), cyber asset attack surface management (CASM), vulnerability management, and configuration management.
  • Bachelor's Degree Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology and 3 years in Information security or Network Security in a senior technical role and experience managing endpoint security operations, including AV, EDR, XDR, vulnerability management, configuration management, device control, endpoint telemetry, and related security controls.
  • Experience supporting endpoint security deployments, upgrades, troubleshooting, health monitoring, coverage validation, compliance reporting, and remediation activities.
  • Experience integrating endpoint security telemetry with monitoring, SIEM, incident response, and operational workflows preferred.
  • Hands-on experience engineering, implementing, and administering enterprise endpoint security platforms across workstation, server, and operational technology endpoint environments, required.
  • Experience implementing and managing endpoint protection, endpoint detection and response, anti-malware, device control, and related endpoint security controls, required.
  • Knowledge of endpoint security policy management, role-based administration, device grouping, policy enforcement, and secure configuration baselines, required.
  • Experience integrating endpoint telemetry, alerts, and security events with SIEM, monitoring, and incident response processes, required.
  • Understanding of endpoint operating systems, endpoint networking, identity integration, and enterprise device management concepts, required.
  • Experience configuring endpoint security policies, exclusions, prevention controls, detection rules, deployment rings, and operational standards, required.
  • Strong understanding of endpoint security architecture, attack techniques, malware prevention, ransomware defense, and secure endpoint configuration, required.
  • Experience collaborating with desktop, server, infrastructure, operations, and cyber defense teams for endpoint deployments, upgrades, troubleshooting, and remediation, required.
  • Experience with endpoint telemetry collection, event analysis, security monitoring, and incident investigation support, required.
  • Experience performing threat hunting and detection engineering, including developing, tuning, and validating detection logic based on endpoint telemetry, SIEM events, threat intelligence, and attacker tactics, techniques, and procedures, required.
  • Experience implementing endpoint security best practices and providing technical guidance to infrastructure, operations, and support teams, required.
  • Familiarity with endpoint inventory, software control, removable media control, certificate usage, and endpoint compliance reporting, required.
  • Demonstrated experience leading technical workstreams, endpoint security initiatives, or project groups, preferred.
  • Experience securing Windows, Linux, macOS, server, or operational technology endpoint environments preferred.
  • Experience evaluating, piloting, and deploying new endpoint security capabilities to address evolving threats and business requirements, preferred.
  • Experience integrating endpoint security automation into operational workflows using enterprise management, scripting, or configuration management tools, preferred.

Skills and Abilities

  • Demonstrated analytical skills
  • Strong verbal communication and listening skills
  • Develops and delivers effective presentations

Licenses and Certifications

  • GSEC, GCIH, CEH, or equivalent cybersecurity certification.

Preferred

  • Microsoft SC-200, Microsoft SC-300, Microsoft 365 Certified: Endpoint Administrator Associate, CrowdStrike Certified Falcon Administrator, Tanium Certified Operator, GIAC Certified Enterprise Defender(GCED), or equivalent endpoint security certification.

Physical Demands

  • Ability to push, pull, and lift up to 25 pounds
  • Sit or stand to answer a phone for the duration of the workday
Additional Physical Demands:
  • The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.

Similar jobs