Analyst Security( Endpoint & Identity Threat Protection (EDR ITP)

About the Role 

The Security Engineer Endpoint & Identity Threat Protection (EDR / ITP) is responsible for implementing maintaining and optimizing advanced endpoint detection and identity threat protection capabilities across Mattels global environment. This mid-level role focuses on enhancing detection accuracy improving response efficiency and strengthening the organizations overall cyber defense posture. The engineer will work closely with cross-functional teams to ensure endpoint and identity protection tools are effectively integrated monitored and tuned to safeguard enterprise systems and data from emerging threats. 

Roles and Responsibilities 

• Deploy manage and optimize Endpoint Detection and Response (EDR) and Identity Threat Protection (ITP) platforms across Mattels enterprise. 

• Develop and fine-tune behavioral analytics detection logic and response rules to identify and mitigate malicious activity targeting endpoints and identities. 

• Collaborate with Security Operations and Incident Response teams to investigate contain and remediate threats in a timely and coordinated manner. 

• Integrate EDR and ITP technologies with SIEM SOAR and other enterprise systems to enhance threat detection visibility and automation. 

• Contribute to the design and implementation of endpoint and identity threat protection controls aligned with Mattels cybersecurity strategy. 

• Partner with IT Infrastructure and Security Architecture teams to support endpoint hardening secure configuration management and policy enforcement. 

• Ensure compliance of endpoint and identity controls with internal security standards and external regulatory requirements. 

• Perform ongoing analysis of endpoint telemetry identity logs and behavioral data to identify patterns and optimize detection efficacy. 

• Collaborate with engineering teams to improve agent performance health and interoperability across platforms and systems. 

• Maintain and update operational documentation playbooks and standard procedures for endpoint and identity threat protection workflows. 

• Participate in post-incident reviews to identify root causes improve detection coverage and strengthen response processes. 

• Evaluate and recommend emerging endpoint and identity protection tools techniques and automation strategies to enhance defense capabilities. 

Skills and Qualifications 

Required: 

• 35 years of experience in cybersecurity engineering focusing on endpoint and identity threat protection solutions. 

• Hands-on experience managing enterprise-grade EDR and ITP platforms such as CrowdStrike SentinelOne Defender for Endpoint or similar. 

• Proficiency in detection engineering developing custom detection logic correlation rules and behavioral analytics for endpoint and identity-based threats. 

• Strong understanding of endpoint operating systems (Windows macOS Linux) and common adversary tactics including privilege escalation and lateral movement. 

• Experience integrating endpoint and identity controls with SIEM SOAR and automation workflows to improve operational efficiency. 

• Knowledge of identity and access management frameworks such as Azure AD Okta SSO and MFA. 

• Experience performing threat analysis using IOC/IOA data event correlation and telemetry investigation. 

• Proficiency in scripting or automation (Python PowerShell or equivalent) for detection tuning enrichment or response orchestration. 

• Solid understanding of endpoint policy management application allowlisting device control and system hardening best practices. 

• Excellent analytical and communication skills with the ability to collaborate effectively across technical and non-technical teams. 

Preferred: 

• Bachelors degree in computer science Information Security or a related field (or equivalent experience). 

• Certifications such as ISC2 CC GIAC GSEC GCED GCIA or CompTIA CySA. 

• Experience with hybrid endpoint environments spanning on-premises cloud and virtual infrastructure (AWS Azure GCP). 

• Familiarity with the MITRE ATT&CK framework for mapping detections and validating coverage. 

• Hands-on experience with SOAR or automation frameworks to streamline response processes. 

• Experience contributing to detection and response process improvement initiatives in global enterprises. 

Shift Timings: 

This position operates during 10:00 18:00 PST (22:30 06:30 IST) Monday through Friday with emergency on-call duties as required 

Qualifications :

What Were Looking For: 

• Demonstrated a growth mindset by staying curious and continuously learning embracing challenges and improving themselves.
   

Additional Information :

Dont meet every single requirement At Mattel we are dedicated to an inclusive workplace and a culture of belonging. If youre excited about this role but your past experience doesnt align perfectly with every qualification in the job description we still encourage you to apply. You may be just the right candidate for this or other roles.

How We Work:
We are a purpose driven company aiming to empower generations to explore the wonder of childhood and reach their full potential. We live up to our purpose employing the following behaviors:

• We collaborate: Being a part of Mattel means being part of one team with shared values and common goals. Every person counts and working closely together always brings better results. Partnership is our process and our collective capabilities is our superpower.
• We innovate: At Mattel we always aim to find new and better ways to create innovative products and experiences. No matter where you work in the organization you can always make a difference and have real impact. We welcome new ideas and value new initiatives that challenge conventional thinking.
• We execute: We are a performance-driven company. We strive for excellence and are focused on pursuing best-in-class outcomes. We believe in accountability and ownership and know that our people are at their best when they are empowered to create and deliver results.

Our Approach to Flexible Work:
We embrace a flexible work model designed to empower a culture of growth optimism and wellbeing where every employee can reach their full potential. Combining purposeful in-person collaboration with flexibility our focus is to optimize performance and drive connection for moments that matter.

Who We Are:
Mattel is a leading global toy and family entertainment company and owner of one of the most iconic brand portfolios in the world. We engage consumers and fans through our franchise brands including Barbie Hot Wheels Fisher-Price American Girl Thomas & Friends UNO Masters of the Universe Matchbox Monster High MEGA and Polly Pocket as well as other popular properties that we own or license in partnership with global entertainment companies. Our offerings include toys content consumer products digital and live experiences. Our products are sold in collaboration with the worlds leading retail and ecommerce companies. Since its founding in 1945 Mattel is proud to be a trusted partner in empowering generations to explore the wonder of childhood and reach their full potential.

Mattels award-winning workplace culture has been recognized by Forbes Fast Company Newsweek Great Place to Work TIME and more.

Visit us at  is an Equal Opportunity Employer where we want you to bring your authentic self to work every day. We welcome all job seekers and all applicants will receive consideration for employment.

Videos to watch:
The Culture at Mattel
Corporate Philanthropy

Remote Work :

No

Employment Type :

Full-time