Sr Endpoint Security Engineer

Stefanini Group

Job Location:

New York City, NY - USA

Monthly Salary: Not Disclosed

Posted on: 13 days ago

Vacancies: 1 Vacancy

Job Summary

Details:

Stefanini Groupis looking forSr Endpoint Security Engineerfor a globally recognized company! For interested applicants click the apply button or you may reach out to AlfherHidalgo at / for faster processing. Thank you!

Were looking for a Senior Endpoint Security Engineer to own and evolve our endpoint security and identity ecosystem across a modern cloud-first environment.

This is a high-impact role where youll lead strategy and hands-on execution across:

macOS endpoint management (Jamf Pro)
Apple Business Manager
Identity platforms (Entra ID Okta Google Workspace)
EDR/XDR (CrowdStrike or similar including managed SOC integrations)

Youll help drive Zero Trust architecture automate device lifecycle management and improve enterprise securityposture at scale.

What Youll Do

Endpoint Security (macOS-Focused)

Own and manage Jamf Pro for macOS fleet (configuration compliance patching)
Lead Apple Business Manager integration for automated device enrollment & lifecycle
Implement endpoint hardening (CIS benchmarks encryptionpolicy enforcement)

Threat Detection & Response

Deploy & optimize CrowdStrike (or equivalent EDR/XDR)
Partner with MDR/MSSP providers for 24/7 threat coverage
Investigate alerts tune detections and improve response playbooks

Identity & Access (Zero Trust Enablement)

Integrate and manage:
- Microsoft Entra ID (Azure AD)
- Okta (SSO MFA lifecycle)
- Google Workspace (existing identity layer)
Build conditional accesspolicies tied to device posture
Enable seamless SSO and identity federation

Automation & Integration

Automate provisioning/deprovisioning across Jamf Okta Entra ID Google Workspace
Build scripts (Python/Bash) and API integrations
Integrate with SIEM/SOAR platforms (e.g. Sentinel Splunk)

Compliance & Governance

Support SOX / SOC 2 / ISO audit readiness
Maintain endpoint and identity security documentation
Deliver reporting on device compliance vulnerabilities and incidents

Details:

Required Experience

5 years inendpoint security or endpoint engineering
Strong hands-on experience with:
- Jamf Pro (macOS management is a must)
- Apple Business Manager
- CrowdStrike or similar EDR/XDR
Identity platform experience:
- Entra ID (Azure AD)
- Okta
Experience inGoogle Workspace environments
Solid understanding ofZero Trust and endpoint security frameworks
Scripting:Python Bash orPowerShell

Nice-to-Haves (Stand Out Candidates)

Jamf / CrowdStrike / Okta certifications
Experience with MDR/MSSP environments
SIEM tools (Splunk Sentinel)
Experience in SOX-compliant environments
API integrations across security platforms

#LI-REMOTE
#LI-AH1

Required Experience:

Senior IC

Details:Stefanini Groupis looking forSr Endpoint Security Engineerfor a globally recognized company! For interested applicants click the apply button or you may reach out to AlfherHidalgo at / for faster processing. Thank you!Were looking for a Senior Endpoint Security Engineer to own and evolve our...

Details:

Were looking for a Senior Endpoint Security Engineer to own and evolve our endpoint security and identity ecosystem across a modern cloud-first environment.

This is a high-impact role where youll lead strategy and hands-on execution across:

macOS endpoint management (Jamf Pro)
Apple Business Manager
Identity platforms (Entra ID Okta Google Workspace)
EDR/XDR (CrowdStrike or similar including managed SOC integrations)

Youll help drive Zero Trust architecture automate device lifecycle management and improve enterprise securityposture at scale.

What Youll Do

Endpoint Security (macOS-Focused)

Own and manage Jamf Pro for macOS fleet (configuration compliance patching)
Lead Apple Business Manager integration for automated device enrollment & lifecycle
Implement endpoint hardening (CIS benchmarks encryptionpolicy enforcement)

Threat Detection & Response

Deploy & optimize CrowdStrike (or equivalent EDR/XDR)
Partner with MDR/MSSP providers for 24/7 threat coverage
Investigate alerts tune detections and improve response playbooks

Identity & Access (Zero Trust Enablement)

Integrate and manage:
- Microsoft Entra ID (Azure AD)
- Okta (SSO MFA lifecycle)
- Google Workspace (existing identity layer)
Build conditional accesspolicies tied to device posture
Enable seamless SSO and identity federation

Automation & Integration

Automate provisioning/deprovisioning across Jamf Okta Entra ID Google Workspace
Build scripts (Python/Bash) and API integrations
Integrate with SIEM/SOAR platforms (e.g. Sentinel Splunk)

Compliance & Governance

Support SOX / SOC 2 / ISO audit readiness
Maintain endpoint and identity security documentation
Deliver reporting on device compliance vulnerabilities and incidents

Details:

Required Experience

5 years inendpoint security or endpoint engineering
Strong hands-on experience with:
- Jamf Pro (macOS management is a must)
- Apple Business Manager
- CrowdStrike or similar EDR/XDR
Identity platform experience:
- Entra ID (Azure AD)
- Okta
Experience inGoogle Workspace environments
Solid understanding ofZero Trust and endpoint security frameworks
Scripting:Python Bash orPowerShell