Department: Information Security
Reports to: Senior Director Information Security
Role Summary
You will be a hands-on engineer responsible for securing and managing endpoints across a modern hybrid enterprise. You'll design and enforce endpoint security baselines, automate compliance, and leverage Microsoft Intune to maintain strong, measurable protection.
Success in this role means maintaining a resilient endpoint ecosystem: devices that are secure by default, compliant by design, and enable users to work anywhere without compromise.
What You'll Do (Core Responsibilities)
Architect and Manage Endpoint Security at Scale
- Lead the design, implementation, and tuning of Microsoft Intune (Endpoint Manager) for Windows, macOS, iOS, and Android endpoints.
- Create paved road device baselines with pre-configured encryption, firewall, endpoint detection, patching, and configuration standards.
- Administer and integrate Microsoft Defender for Endpoint (MDE) for advanced threat protection, behavioral detection, and automated remediation.
- Ensure policy consistency across cloud-managed and hybrid-joined devices (Intune, Group Policy, Azure AD).
Security Hardening, Compliance, and Monitoring
- Define and enforce endpoint security configurations in line with enterprise standards/policies.
- Implement Conditional Access policies and device compliance posture checks in Microsoft Entra (Azure AD).
- Collaborate with Cloud IAM and GRC teams to align device security controls to frameworks such as CIS Benchmarks, NIST CSF, and Zero Trust.
- Integrate endpoint telemetry into SIEM/SOAR systems for threat correlation and automated response.
Automation and Tool Integration
- Develop automation workflows using PowerShell, Graph API, or Azure Automation to streamline policy deployment, patching, and reporting.
- Integrate Intune and MDE with broader security orchestration and compliance tools (e.g. Wiz, ServiceNow, Sentinel).
- Implement policy-as-code concepts for device configurations and compliance validation.
- Work with IT Operations to continuously improve speed, reliability, and security of patch management cycles.
Collaboration and Enablement
- Partner with Desktop Engineering, IT, and Cloud Security teams to ensure cohesive endpoint and identity integration.
- Provide guidance and documentation for secure endpoint configuration and troubleshooting.
- Develop and deliver training or quick-start guides for IT support staff on endpoint compliance and security posture management.
Minimum Qualifications
- 5 years of experience in Endpoint Security Engineering, IT Security, or related infrastructure roles.
- Hands-on expertise with Microsoft Intune / Endpoint Manager, Defender for Endpoint (MDE), and Azure AD Conditional Access.
- Strong knowledge of Windows 10/11 and macOS management and hardening best practices.
- Experience with PowerShell scripting, Microsoft Graph API, or similar automation frameworks.
- Familiarity with MDM and MAM policies, compliance baselines, and zero-touch deployment processes.
- Understanding of Zero Trust, least privilege, and device compliance principles.
- Strong troubleshooting and analytical skills across OS, network, and endpoint layers.
Preferred Qualifications
- Experience integrating endpoint telemetry with SIEM/SOAR systems (e.g. Sentinel, Splunk).
- Familiarity with Defender for Identity, Defender for Cloud Apps, or other Microsoft 365 Defender suite components.
- Exposure to vulnerability management and patch automation tools (e.g. TVM, Tanium, or Qualys).
- Relevant certifications such as Microsoft Certified: Endpoint Administrator Associate, MD-102, SC-200, or CompTIA Security+.
Behavioral Competencies
- Enablement mindset: You design controls that protect users without impeding productivity.
- Automation first: You codify baselines and compliance checks to scale effortlessly.
- Curious and analytical: You dig into telemetry and data to reveal root causes and systemic fixes.
- Collaborative: You partner across Security, IT, and Operations to drive unified endpoint resilience.
- Communicative: You translate device risk into actionable, business-relevant outcomes.
Candidates should be comfortable with an on-site presence to support collaboration, team leadership, and cross-functional partnership.
Why Join Us:
At Acrisure, we're building more than a business; we're building a community where people can grow, thrive, and make an impact. Our benefits are designed to support every dimension of your life, from your health and finances to your family and future.
Making a lasting impact on the communities it serves, Acrisure has pledged more than $22 million through its partnerships with Corewell Health Helen DeVos Children's Hospital in Grand Rapids, Michigan; UPMC Children's Hospital in Pittsburgh, Pennsylvania; and Blythedale Children's Hospital in Valhalla, New York.
Employee Benefits
We also offer our employees a comprehensive suite of benefits and perks including:
Physical Wellness: Comprehensive medical insurance, dental insurance, and vision insurance; life and disability insurance; fertility benefits; wellness resources; and paid sick time.
Mental Wellness: Generous paid time off and holidays; Employee Assistance Program (EAP); and a complimentary Calm app subscription.
Financial Wellness: Immediate vesting in a 401(k) plan; Health Savings Account (HSA) and Flexible Spending Account (FSA) options; commuter benefits; and employee discount programs.
Family Care: Paid maternity leave and paid paternity leave (including for adoptive parents); legal plan options; and pet insurance coverage.
and so much more!
This list is not exhaustive of all available benefits. Eligibility and waiting periods may apply to certain offerings. Benefits may vary based on subsidiary entity and geographic location.
Acrisure is an Equal Opportunity Employer. We consider qualified applicants without regard to race, color, religion, sex, national origin, disability, or protected veteran status. Applicants may request reasonable accommodation by contacting .
California Residents: Learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy.
Recruitment Fraud: Please visit here to learn more about our Recruitment Fraud Notice.
Welcome, your new opportunity awaits you.