Senior Endpoint Security Engineer – Carbon Black & Symantec
Plurilock · Branchburg, NJ · 7 mo ago
Information TechnologyContract
Key Responsibilities
- Lead enterprise-wide deployment, configuration, and lifecycle operations for Carbon Black and Symantec endpoint platforms.
- Architect scalable endpoint security solutions aligned to organizational standards and zero-trust principles.
- Develop and refine advanced policies, application controls, EDR rules, tamper protection settings, and prevention controls.
- Oversee tuning activities to balance protection, performance, and operational efficiency.
- Serve as Tier 3 engineering escalation for endpoint security issues and agent health failures.
- Lead deep-dive incident investigations using Carbon Black and Symantec telemetry, process analysis, and behavioral tracking.
- Build integrations with SIEM, SOAR, vulnerability management, and IT ops tools.
- Create enterprise standards, architecture documentation, runbooks, and engineering playbooks.
- Mentor mid-level and junior engineers; contribute to team capability development.
- Evaluate new capabilities, conduct PoCs, and recommend improvements to endpoint strategy.
- Support compliance requirements including ISO 27001, NIST CSF, CIS Controls, and sector-specific mandates.
Required Qualifications
- 6–10 years of experience in information security or endpoint engineering roles.
- Expert-level experience with VMware Carbon Black (App Control, EDR, Cloud) including advanced policy design, incident response, and console administration.
- Expert-level experience with Symantec endpoint security platforms (SEP, SES, Symantec EDR, content policy tuning).
- Strong understanding of endpoint forensics, malware analysis fundamentals, and attacker tradecraft.
- Proficiency with Windows, macOS, and/or Linux endpoint internals and event logging.
- Demonstrated experience integrating endpoint data with SIEM/SOAR platforms.
- Able to lead complex troubleshooting involving OS, network, and security layers.
- Strong documentation, communication, and technical leadership abilities.
Preferred Qualifications
- Experience designing enterprise security architectures or zero-trust endpoint models.
- Significant experience in environments with 5,000+ endpoints.
- Development or automation experience with PowerShell, Python, Bash, or REST APIs.
- Experience with threat modeling, purple teaming, or incident response leadership.
- Certifications such as CBCA, CBCM, Symantec/Broadcom certifications, GSEC, GCED, GCIA, GCFA, or similar.
Soft Skills & Leadership
- Strong ownership mindset with the ability to drive outcomes with minimal oversight.
- Capable of leading cross-functional initiatives involving SOC, IT, cloud engineering, and compliance teams.
- High judgment and ability to balance business, operational, and security requirements.
- Able to communicate complex technical concepts to executives and non-technical stakeholders.
- Mentors others, raises team maturity, and establishes engineering best practices.