Job Description – Endpoint Security Architect

Role Overview

The Endpoint Security Architect will be responsible for designing, assessing, and enhancing the organization’s endpoint security posture across laptops, desktops, mobile devices, servers, and VMs. This role ensures alignment of endpoint operations, policies, and enforcement mechanisms with industry standards (NIST), organizational security policies, and regulatory requirements. The ideal candidate has deep experience with EDR/XDR, AV, MDM/Intune, device compliance, endpoint hardening, and integration with SIEM/SOAR/AD environments.

Key Responsibilities

1. Endpoint Security Architecture & Design

• Review and enhance endpoint architecture, including AV, EDR solutions.
• Evaluate endpoint configuration, control enforcement, coverage, and security baselines.
• Assess integration of endpoint platforms with SIEM, SOAR, Active Directory, Intune/MDM, and CMDB.
• Review architectural components, telemetry flow, and sensor deployment methodology.
• Validate data exchange between endpoint security tools and central monitoring systems.

2. Policy & Governance

• Ensure endpoint security operations align with organizational security policies.
• Review and update endpoint security policies aligned with NIST standards.
• Validate roles & responsibilities across IT, SecOps, and endpoint management teams.
• Evaluate policy coverage including patching, EDR/AV, device onboarding, and compliance.

3. Endpoint Operations & Integration

• Assess GPOs, MDM/Intune policies, device configuration profiles, and enforcement controls.
• Review endpoint discovery & profiling mechanisms to identify unmanaged/rogue devices.
• Validate tagging, categorization, and asset mapping across EDR platforms and CMDB.
• Check integration with NAC, SIEM, AD, vulnerability management, and patching tools.

4. Risk Management, Patching & Compliance

• Review patch management and vulnerability remediation processes across endpoints.
• Verify endpoint compliance monitoring, dashboards, and alerting workflows.
• Assess patching SLAs, automation processes, and compliance reporting.

Skills & Qualifications

Technical Skills

• Strong expertise in EDR/XDR platforms (e.g., CrowdStrike, Defender for Endpoint, Trellix, SentinelOne).
• Hands-on experience with Intune/MDM, SCCM, JAMF, or similar device management tools.
• Solid understanding of SIEM/SOAR platforms and AD integration.
• Strong knowledge of NIST CSF, NIST 800-53/171, CIS benchmarks, and endpoint hardening.
• Familiarity with NAC, vulnerability management, and patching tools (Tenable, Qualys, BigFix, etc.).
• Experience designing endpoint security architectures for large enterprises.