Senior Endpoint Security Engineer

Senior Endpoint Security Engineer

Location: Chicago IL Houston TX

Job Summary:

We are seeking a highly skilled and motivated Senior Endpoint Security Engineer to join our team. In this role you will be responsible for ensuring the security and stability of our desktop infrastructure within a large enterprise environment. Your expertise will be crucial in discovering analyzing and addressing risks associated with desktops laptops virtual desktops and applications. You will collaborate with various IT teams to implement robust security measures manage vulnerabilities and ensure compliance with industry standards.

Responsibilities:


Vulnerability Management:


Detect prioritize and mitigate CVE vulnerabilities on endpoint systems including operating systems thirdparty applications GPOs and registry modifications.
Analyze and prioritize vulnerabilities based on risk and impact to ensure effective resolution in alignment with operational stability requirements.
Track assign and oversee the management of vulnerabilities and compliance findings in coordination with responsible teams.
Maintain a comprehensive inventory of vulnerabilities and diligently track remediation efforts to closure.
Regularly report on vulnerability status and trends to management providing actionable insights for decisionmaking.
Vulnerabilities remediation on production enduser devices specifically those running software applications such as Java Adobe products Oracle Visual Studio Edge Chromium Chrome Firefox WinSCP and others.
Responding to zeroday vulnerabilities swiftly and reliably.


Security Engineering:

Security engineering of desktop infrastructure within a large enterprise setting.
Proficiency in the following areas: Active Directory Mobile Device Management (MDM) System Center Configuration Manager (SCCM) Group Policy Objects (GPOs) Windows 11 Windows 10 virtual environments reporting and strong documentation and analytical skills.
Implementation of security benchmarks such as STIG NIST or CIS settings in an enterprise environment.


Automation and Scripting:

Shell scripting specifically creating editing and executing scripts for Windows software and/or operating system use cases.
Collaborate with teams to script and build updates ensuring vulnerabilities and compliance remediations are executed within the stipulated SLA(s).


Testing and Support:

Conducting thorough testing and providing support for software programs drivers commercial applications and operating system updates with an emphasis on security.
Identifying and addressing vulnerabilities within endpoint systems.


Cybersecurity Applications:

Apply working knowledge of cybersecurity applications to enhance the security posture of the organization.


Remediation and Collaboration:

Work closely with IT teams to carry out remediation activities of identified vulnerabilities.


Reporting and Strategy:

Strategizing and reporting on the overall process.




Required Skills and Experience:


Bachelors degree in Computer Science Information Security or a related field (or equivalent experience).
5 years of experience in cyber security and desktop infrastructure management.
Extensive experience with Active Directory MDM SCCM GPOs Windows 10/11 and virtual environments.
Proven ability to detect prioritize and mitigate CVE vulnerabilities.
Strong shell scripting skills.
Experience implementing STIG NIST or CIS benchmarks.
Excellent analytical and problemsolving skills.
Strong documentation and communication skills.
Experience with vulnerability scanning tools.
Knowledge of common endpoint security solutions.


Preferred Qualifications:


Relevant industry certifications (e.g. CompTIA Security CISSP CEH).
Experience with automation tools and scripting languages (PowerShell Python).
Familiarity with cloud security concepts.


Keywords: Cyber security desktop infrastructure vulnerability management CVE Active Directory MDM SCCM GPOs Windows 10 Windows 11 STIG NIST CIS shell scripting endpoint security zeroday vulnerabilities remediation security engineering.

CISSP , POWERSHELL , WINSCP , PYTHON , SCCM , WINDOWS , SHELL SCRIPTING , JAVA , CEH , ENDPOINT SECURITY