Senior Endpoint Security Engineer
Con Edison · New York, NY · 6 days ago
On-siteInformation TechnologyOther
Responsibilities
- Engineer, implement, administer, and continuously improve enterprise endpoint security platforms across workstations, servers, and operational technology endpoint environments.
- Manage endpoint protection, endpoint detection and response, anti-malware, device control, and related endpoint security controls to reduce cyber risk.
- Assess, test, pilot, deploy, and operationalize new endpoint security technologies in alignment with enterprise standards, architecture requirements, and business needs.
- Develop and maintain endpoint security configurations, policies, exclusions, baselines, and deployment standards to support secure and reliable operations.
- Monitor endpoint security health, coverage, compliance, and control effectiveness; identify gaps and drive remediation with responsible support teams.
- Partner with desktop, server, infrastructure, operations, and cyber defense teams to support endpoint deployments, upgrades, troubleshooting, and incident response activities.
- Integrate endpoint telemetry and security events with monitoring, SIEM, and incident response processes to improve detection, investigation, and response capabilities.
- Perform threat hunting and detection engineering activities using endpoint telemetry, SIEM data, threat intelligence, and attacker behavior patterns to identify suspicious activity, develop detections, and improve cyber defense capabilities.
- Automate endpoint security administration, reporting, deployment validation, and remediation workflows using scripting and enterprise management tools where appropriate.
- Support vulnerability, configuration, and patch-related endpoint security initiatives by validating control effectiveness and coordinating remediation activities.
- Create and maintain technical documentation, operational procedures, implementation plans, and support materials for endpoint security solutions.
- Collaborate with risk, architecture, procurement, and business stakeholders to evaluate endpoint security capabilities, document requirements, and recommend fit-for-purpose solutions.
- Stay current on endpoint threat trends, attacker techniques, platform capabilities, and security best practices to continuously improve endpoint protection strategy and operations.
Qualifications
- Master's Degree and with 2 years of relevant experience IT or Information security or
- Bachelor's Degree and with 3 years of relevant experience IT or Information security or
- Associate's Degree and with 5 years of relevant experience IT or Information security or
- High School Diploma/GED and with 6 years of relevant experience IT or Information security.
- Master's Degree Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology and 2 years in Information security or Network Security in a senior technical role and experience engineering, implementing, administering, or supporting endpoint security technologies such as antivirus/anti-malware (AV), endpoint detection and response (EDR), extended detection and response (XDR), cyber asset attack surface management (CASM), vulnerability management, and configuration management.
- Bachelor's Degree Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology and 3 years in Information security or Network Security in a senior technical role and experience managing endpoint security operations, including AV, EDR, XDR, vulnerability management, configuration management, device control, endpoint telemetry, and related security controls.
- Experience supporting endpoint security deployments, upgrades, troubleshooting, health monitoring, coverage validation, compliance reporting, and remediation activities.
- Experience integrating endpoint security telemetry with monitoring, SIEM, incident response, and operational workflows preferred.
- Hands-on experience engineering, implementing, and administering enterprise endpoint security platforms across workstation, server, and operational technology endpoint environments, required.
- Experience implementing and managing endpoint protection, endpoint detection and response, anti-malware, device control, and related endpoint security controls, required.
- Knowledge of endpoint security policy management, role-based administration, device grouping, policy enforcement, and secure configuration baselines, required.
- Experience integrating endpoint telemetry, alerts, and security events with SIEM, monitoring, and incident response processes, required.
- Understanding of endpoint operating systems, endpoint networking, identity integration, and enterprise device management concepts, required.
- Experience configuring endpoint security policies, exclusions, prevention controls, detection rules, deployment rings, and operational standards, required.
- Strong understanding of endpoint security architecture, attack techniques, malware prevention, ransomware defense, and secure endpoint configuration, required.
- Experience collaborating with desktop, server, infrastructure, operations, and cyber defense teams for endpoint deployments, upgrades, troubleshooting, and remediation, required.
- Experience with endpoint telemetry collection, event analysis, security monitoring, and incident investigation support, required.
- Experience performing threat hunting and detection engineering, including developing, tuning, and validating detection logic based on endpoint telemetry, SIEM events, threat intelligence, and attacker tactics, techniques, and procedures, required.
- Experience implementing endpoint security best practices and providing technical guidance to infrastructure, operations, and support teams, required.
- Familiarity with endpoint inventory, software control, removable media control, certificate usage, and endpoint compliance reporting, required.
- Demonstrated experience leading technical workstreams, endpoint security initiatives, or project groups, preferred.
- Experience securing Windows, Linux, macOS, server, or operational technology endpoint environments preferred.
- Experience evaluating, piloting, and deploying new endpoint security capabilities to address evolving threats and business requirements, preferred.
- Experience integrating endpoint security automation into operational workflows using enterprise management, scripting, or configuration management tools, preferred.
Skills and Abilities
- Demonstrated analytical skills
- Strong verbal communication and listening skills
- Develops and delivers effective presentations
Licenses and Certifications
- GSEC, GCIH, CEH, or equivalent cybersecurity certification.
Preferred
- Microsoft SC-200, Microsoft SC-300, Microsoft 365 Certified: Endpoint Administrator Associate, CrowdStrike Certified Falcon Administrator, Tanium Certified Operator, GIAC Certified Enterprise Defender(GCED), or equivalent endpoint security certification.
Physical Demands
- Ability to push, pull, and lift up to 25 pounds
- Sit or stand to answer a phone for the duration of the workday
- The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.