Endpoint protection engineer

The role Senior endpoint security engineer responsible for protecting enterprise Windows, macOS, and iOS endpoints (workstations and servers) across an SEC environment. You'll own endpoint baselines, patching, vulnerability remediation, and POA&M closure while keeping the environment audit-ready.

What you'll d

• oDesign and maintain endpoint protection across Windows, macOS, iOS, workstations, and server
• sDefine and enforce security baselines using Microsoft Defender for Endpoint and Intun
• eOwn patching and supersedence; coordinate vulnerability remediation with system owner
• sLead POA&M development, tracking, and closure with risk-based prioritizatio
• nMonitor endpoint telemetry, respond to threats, and serve as escalation point for complex incident
• sBuild automation scripts for compliance/remediation reporting; maintain SOPs and runbook
• sSupport FISMA/IG/GAO audit activities and provide technical guidance to engineering team

s
Must-hav

• esU.S. citizenship; able to obtain SEC Public Trust clearan
• ceBachelor's in IT, Computer Science, Engineering, or related fie
• ld8+ years in enterprise endpoint security within large, regulated environmen
• tsAdvanced hands-on with Microsoft Defender for Endpoint and Intune baselin
• esStrong vulnerability management, patching/supersedence, and POA&M experien
• ceExperience documenting SOPs/runbooks and reporting to federal stakeholde

rs
Nice-to-ha

• vesFederal IT experience under FISMA / NIST controls (SEC or similar agency a pl
• us)Enterprise-scale compliance enforcement across a distributed/remote workfo
• rceCerts: SC-200, MD-102, or CI