Senior Helpdesk Analyst Endpoint Security Engineer

This is a remote position.

SUMMARY

The Endpoint Security Engineer serves as a technical escalation point responsible for advanced endpoint support identity administration and day-to-day operation of security tooling across client environments. This role requires independent execution strong judgment and the ability to operate in security- and compliance-sensitive environments. Success is measured not by ticket volume alone but by stability documentation quality risk reduction and client confidence.

JOB RESPONSIBILITIES

Endpoint & User Support

• Tier 2/3 support for Windows and macOS workstation operating systems
  
• Diagnose and resolve complex endpoint application and access issues
  
• Manage endpoint lifecycle: provisioning hardening patching and decommissioning
  
• Support hybrid and fully remote user environments
  

Identity & Productivity Platforms

• Administer Google Workspace and Microsoft 365
  
• User provisioning/deprovisioning
  
• MFA conditional access and device security policies
  
• Exchange Online SharePoint and OneDrive support
  
• Troubleshoot SSO MFA failures identity drift and access anomalies
  

Security Tooling Operations

• Operate and respond to alerts from:
  
• Endpoint Detection and Response (EDR)
  
• Remote Monitoring and Management (RMM)
  
• Application control / allow-listing platforms
  
• Perform first-line security alert triage and escalation
  
• Enforce endpoint security baselines and least-privilege principles
  
• Recognize and report suspicious or non-compliant activity
  

Systems & Infrastructure Support

• Support Windows Server environments (Active Directory DNS Group Policy file services)
  
• Assist with server migrations workstation refreshes and infrastructure projects
  
• Execute changes following documented change control processes
  

• Assess impact and risk before making system changes
  
• Follow formal change control and approval processes
  
• Understand blast radius and rollback considerations
  
• Escalate changes that introduce security or operational risk
  

Documentation Evidence & Audit Readiness

• Produce clear defensible documentation for:
  
• Access changes
  
• Security actions
  
• Incident response activities
  
• Maintain accurate ticket notes suitable for audit review
  
• Contribute to SOPs runbooks and knowledge base articles
  

Client Interaction & Boundary Management

• Communicate clearly with technical and non-technical stakeholders
  
• Set expectations and provide accurate status updates
  
• Professionally push back on insecure or out-of-scope requests
  
• Enforce security standards without bypassing controls to be helpful
  

Incident Response & Operational Support

• Participate in security incidents and after-action reviews
  
• Assist with containment evidence collection and remediation
  
• Document root cause corrective actions and prevention steps
  

QUALIFICATIONS

• 5 years in Helpdesk Desktop or Endpoint Support (MSP experience strongly preferred)
  
• Hands-on experience with:
  
• Google Workspace administration
  
• Microsoft 365 administration
  
• Windows Server and Windows workstation operating systems
  
• MacOS support
  
• Experience working with:
  
• EDR platforms
  
• RMM platforms
  
• Application control / endpoint hardening tools
  
• Strong troubleshooting methodology and root-cause analysis skills
  
• Comfortable operating within SLAs and escalation frameworks
  
• Strong written documentation and technical communication skills
  
• Proven ability to work independently with minimal supervision
  
• Sound judgment in security-sensitive environments
  

Nice to have Experience:

• NinjaOne RMM
  
• SentinelOne
  
• ThreatLocker
  
• Server migration support (on-prem to cloud or hybrid)
  
• Networking fundamentals (DNS DHCP VLANs firewalls VPNs)
  
• Google Cloud Platform (GCP)
  
• AWS
  
• Scripting or automation (PowerShell Bash Python)
  
• Experience supporting compliance-driven environments (NIST CMMC SOC 2)
  

JOB REQUIREMENTS

• Should be willing to accept a long-term work-from-home arrangement.
  
• Should be amenable to a permanent night shift schedule.