Endpoint Security Engineer

· Extensive demonstrated experience in design, deployment, optimization, and advanced troubleshooting of EDR platforms such as CrowdStrike, Microsoft Defender, etc. within a large, distributed (10,000+ endpoints, 10+ sites) enterprise environment.

· Experience with creating and updating policies, protection rules, installing services/applications, removing duplicate records, and troubleshooting issues with the EDR sensor, cloud platform, and related applications.

· Familiarity with manual and automated (deployed) application installation procedures on Windows systems.

· Familiarity with manual and automated (deployed) application installation procedures on Linux systems.

· Familiarity with manual and automated (deployed) application installation procedures on macOS, iOS, and iPadOS systems.

· Proven ability to architect, implement, and manage complex firewall rules, access rules, indicators of attack (IOAs), indicators of compromise (IOCs), EDR/NGAV machine learning (ML) exclusions, security configuration policies, and USB device protection/control policies.

· Experience providing Tier 3 support to IT and security teams.

· Advanced experience in creating EDR/NGAV reports and dashboards for security analytics, event trending, compliance auditing, and executive-level presentations from platforms such as CrowdStrike, Microsoft Defender, etc.

· Demonstrated ability to mentor junior engineers, provide technical leadership, and review the work of less-experienced team members, fostering a collaborative working and learning environment.

· Expert ability to collaborate effectively with IT managers, security teams, and other stakeholders to validate configurations, lead discussions on policy enhancements, and provide advanced training.

· Strong technical writing skills for developing and maintaining comprehensive documentation, standard operating procedures (SOPs), basic end user guides, and advanced IT troubleshooting guides.

· Exceptional verbal and written communication skills, including the ability to provide detailed progress, exception, and incident reports for technical audiences, as well as summarized, easy-to-understand reports for non-technical and executive audiences.