EUC Architect

Looking for a workplace where people realize their full potential, are recognized for the impact they make, and enjoy the company of the peers they work with? Welcome to Zensar! Read on for more details on the role and about us.

Zensar is offering an excellent opportunity for an "EUC Architect" to advance your career and achieve your goals. Their amazing benefits include a competitive salary, strong benefits package, and a friendly work environment.

Role: Endpoint Security Architect

Location: Sunnyvale, CA (Onsite - Hybrid 3 Days Work from Office)

Salary: $150K + Benefits.

The EUC Architect will be responsible for designing, assessing, and enhancing the organization s endpoint security posture across laptops, desktops, mobile devices, servers, and VMs. This role ensures alignment of endpoint operations, policies, and enforcement mechanisms with industry standards (NIST), organizational security policies, and regulatory requirements. The ideal candidate has deep experience with EDR/XDR, AV, MDM/Intune, device compliance, endpoint hardening, and integration with SIEM/SOAR/AD environments.

Key Responsibilities:

1. Endpoint Security Architecture & Design

• Review and enhance endpoint architecture, including AV, EDR solutions.
• Evaluate endpoint configuration, control enforcement, coverage, and security baselines.
• Assess integration of endpoint platforms with SIEM, SOAR, Active Directory, Intune/MDM, and CMDB.
• Review architectural components, telemetry flow, and sensor deployment methodology.
• Validate data exchange between endpoint security tools and central monitoring systems.

2. Policy & Governance

• Ensure endpoint security operations align with organizational security policies.
• Review and update endpoint security policies aligned with NIST standards.
• Validate roles & responsibilities across IT, SecOps, and endpoint management teams.
• Evaluate policy coverage including patching, EDR/AV, device onboarding, and compliance.

3. Endpoint Operations & Integration

• Assess GPOs, MDM/Intune policies, device configuration profiles, and enforcement controls.
• Review endpoint discovery & profiling mechanisms to identify unmanaged/rogue devices.
• Validate tagging, categorization, and asset mapping across EDR platforms and CMDB.
• Check integration with NAC, SIEM, AD, vulnerability management, and patching tools.

4. Risk Management, Patching & Compliance

• Review patch management and vulnerability remediation processes across endpoints.
• Verify endpoint compliance monitoring, dashboards, and alerting workflows.
• Assess patching SLAs, automation processes, and compliance reporting.

Skills & Qualifications

Technical Skills

• Strong expertise in EDR/XDR platforms (e.g., CrowdStrike, Defender for Endpoint, Trellix, SentinelOne).
• Hands-on experience with Intune/MDM, SCCM, JAMF, or similar device management tools.
• Solid understanding of SIEM/SOAR platforms and AD integration.
• Strong knowledge of NIST CSF, NIST 800-53/171, CIS benchmarks, and endpoint hardening.
• Familiarity with NAC, vulnerability management, and patching tools (Tenable, Qualys, BigFix, etc.).
• Experience designing endpoint security architectures for large enterprises.