EUS Endpoint Security Engineer, IT

The client has 18.7k Windows and 4.6k Mac end-user endpoints under management, supported across 60 sites and 22 countries around the world. The client is an engineering company, and a large percentage of the employee population researches, designs, and builds software and systems. This position has primary responsibility for the hardening and hygiene of end user laptops, including audit/review of user installed applications, removal of prohibited applications, overall management of a whitelist/blacklist of applications and application versions. Additional responsibilities for Windows & MacOS laptop hardening and hygiene.

Roles and Responsibilities:

Leveraging enterprise tooling and automation (including Threat Locker, Jamf, etc.), and in the context of global / enterprise-level estate management practices, ensure that applications installed on laptops are approved / upgraded / hardened against vulnerabilities

Maintain endpoint and security objectives through monitoring systems, reporting, and key performance indicators

Help resolve incidents and work as the escalation point between IT Support and Security teams

Ensure high levels of run-state consistency across both the Windows and Mac endpoint fleets, ensuring that only authorized software is running, current, properly configured, etc.

Skills Needed:

Understand low-level mechanics of WIN11 & MacOS operating systems, and enterprise standards for managing end-point estates at scale

Skilled in device compliance monitoring and reporting

Experience implementing OS hardening per NIST 800-171 requirements

Experience managing endpoint protection tools such as ThreatLocker, Rapid7, XXX

Deep understanding of scalable application security practices leveraging automation technologies and enterprise management standards

Expertise in endpoint management tools such as Intune, Airwatch, JAMF, and AutomoxSkilled in the administration of software policies, vulnerability management, and application updates to Windows 11 & MacOS devices

In-depth knowledge of endpoint management and security best practices including experience implementing tooling, security protocols, and compliance checks

Ability to communicate effectively and collaborate with staff that is both technical and non-technical

Excellent verbal and written communication skills

Analytical approach to finding the root cause

You might also have:

Proficiency in multiple scripting languages (e.g., PowerShell, Python, and Bash) and experience in developing complex automation scripts.

A degree or equivalent experience in Computer Science or related field.

SQL Reporting and query writing experience

Strong familiarity with PowerBI and other reporting tools

Automation skills (tool agnostic) and the ability to drive initiatives to automate processes.

Education

Preferred 5 years of related experience with a Bachelor's degree or equivalent work experience.