Job Summary:
The Endpoint Protection Technology Services Engineer at Softrim will own endpoint security and patch compliance across our MSP client environments. You will plan, test, deploy, and monitor OS/app updates; deploy, manage, and tune EDR/XDR; validate vulnerability findings; and lead/execute incident response playbooks for malware, ransomware, and insider risks. The role blends hands-on tooling, automation, and client-facing communication to measurably raise security posture and maintain compliance.
Responsibilities:
· Patch management at scale: Build ringed deployment strategies, pilots, and phased rollouts; schedule maintenance windows; handle approvals/rollback; track patch compliance SLAs across Windows (and macOS where applicable) via various ITSM tools.
· Application & driver updates: Package, test, and deploy third-party updates (e.g., browsers, runtimes); manage supersedence and compatibility issues.
· EDR/XDR operations: Deploy and maintain EDR/XDR; configure policies, prevention/visibility settings, exclusions, device control, and rules; monitor detections and contain/isolate endpoints.
· Threat hunting & investigations: Use EDR/XDR hunting tools (Advanced Hunting / KQL) to identify IOCs, suspicious behaviors, lateral movement, and persistence; document findings and recommendations.
· Incident response: Execute playbooks (triage → containment → eradication → recovery); coordinate with clients and internal teams; produce RCAs and hardening actions post-incident.
· Vulnerability management: Validate scan results from vulnerability scanning tools; prioritize by CVSS/exploitability, assign owners, track remediation/exception justifications, and report aging.
· Endpoint hardening: Apply baselines (CIS-aligned where applicable), BitLocker, local admin control, Credential Guard/LSA protections, firewall policies, Wi-Fi/proxy/SSL inspection considerations.
· Automation & reporting: Script with PowerShell and APIs/Graph to automate deployments, compliance checks, evidence packs, and exceptions; publish dashboards (compliance %, MTTP, EDR coverage, vuln aging).
· Change & documentation: Follow CAB/change control; maintain runbooks, SOPs, and client security review decks; ensure ticket/time-entry hygiene in PSA.
· Client communication: Lead security check-ins/QBRs, advise on risk and prioritization, and translate technical outcomes into business impact and next steps.
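As an added illustration of the "endpoint hardening" and "automation & reporting" duties above, and not part of the posting itself, the following PowerShell script is a read-only evidence check that verifies several of the listed controls on one endpoint (BitLocker, LSA protection, Credential Guard, local admin membership, host firewall, missing updates) and writes a JSON evidence pack. It assumes a Windows 10/11 endpoint with PowerShell 5.1 or later in an elevated session; the output path and the allow-listed local admin account names are hypothetical placeholders.

```powershell
# Added example (not part of the posting): read-only hardening evidence check for one endpoint.
# Assumes Windows 10/11, PowerShell 5.1 or later, elevated session, BitLocker/NetSecurity modules present.
# $AllowedLocalAdmins holds hypothetical placeholder account names; replace with the client's standard.
#Requires -RunAsAdministrator
param(
    [string]$OutputPath = "$env:ProgramData\EvidencePack\$env:COMPUTERNAME-hardening.json",
    [string[]]$AllowedLocalAdmins = @("$env:COMPUTERNAME\Administrator", "$env:COMPUTERNAME\laps-admin")
)

function New-Finding {
    param([string]$Control, [bool]$Compliant, [string]$Evidence)
    [pscustomobject]@{
        Computer  = $env:COMPUTERNAME
        Control   = $Control
        Compliant = $Compliant
        Evidence  = $Evidence
        Collected = (Get-Date).ToString('o')
    }
}

$findings = @()

# 1. BitLocker: the OS volume must be fully encrypted with protectors active (not "encrypted, protection off").
try {
    $os = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop
    $ok = ($os.ProtectionStatus -eq 'On') -and ($os.VolumeStatus -eq 'FullyEncrypted')
    $findings += New-Finding 'BitLocker OS drive' $ok "Protection=$($os.ProtectionStatus); Status=$($os.VolumeStatus); Method=$($os.EncryptionMethod)"
} catch {
    $findings += New-Finding 'BitLocker OS drive' $false "Query failed: $($_.Exception.Message)"
}

# 2. LSA protection (RunAsPPL): stops unsigned code from opening LSASS, the usual credential-dumping path.
$lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' -ErrorAction SilentlyContinue
$runAsPpl = [int]$lsa.RunAsPPL          # 1 = enabled, 2 = enabled with UEFI lock, 0/missing = off
$findings += New-Finding 'LSA protection (RunAsPPL)' ($runAsPpl -ge 1) "RunAsPPL=$runAsPpl"

# 3. Credential Guard: Win32_DeviceGuard lists service 1 in SecurityServicesRunning only when it is actually
#    running; a policy that is configured but not active shows up only in SecurityServicesConfigured.
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
$cgRunning  = ($null -ne $dg) -and ($dg.SecurityServicesRunning -contains 1)
$cgEvidence = if ($dg) { "Running=[$($dg.SecurityServicesRunning -join ',')]; Configured=[$($dg.SecurityServicesConfigured -join ',')]" } else { 'Win32_DeviceGuard not available' }
$findings += New-Finding 'Credential Guard running' $cgRunning $cgEvidence

# 4. Local Administrators: any member outside the allow-list (stale admin accounts, helpdesk users) is a finding.
$members    = @(Get-LocalGroupMember -Group 'Administrators' | Select-Object -ExpandProperty Name)
$unexpected = @($members | Where-Object { $AllowedLocalAdmins -notcontains $_ })
$findings += New-Finding 'Local admin membership' ($unexpected.Count -eq 0) "Members=[$($members -join ',')]; Unexpected=[$($unexpected -join ',')]"

# 5. Host firewall: all three profiles (Domain, Private, Public) must be enabled.
$fwOff = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' } | Select-Object -ExpandProperty Name)
$findings += New-Finding 'Firewall profiles enabled' ($fwOff.Count -eq 0) "Disabled=[$($fwOff -join ',')]"

# 6. Missing updates via the Windows Update Agent COM API; it uses whatever update source the host is
#    configured for (WSUS, Intune, or Microsoft Update) and can take a minute to return.
try {
    $searcher = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
    $missing  = @($searcher.Search("IsInstalled=0 and Type='Software' and IsHidden=0").Updates | ForEach-Object { $_.Title })
    $findings += New-Finding 'No missing updates' ($missing.Count -eq 0) "Missing=$($missing.Count); First=[$(($missing | Select-Object -First 3) -join '; ')]"
} catch {
    $findings += New-Finding 'No missing updates' $false "WUA search failed: $($_.Exception.Message)"
}

# Write the evidence pack, print a summary, and exit non-zero so an RMM/ITSM job can flag the host.
$null = New-Item -ItemType Directory -Path (Split-Path -Parent $OutputPath) -Force
$findings | ConvertTo-Json -Depth 3 | Set-Content -Path $OutputPath -Encoding UTF8
$findings | Format-Table Control, Compliant, Evidence -AutoSize
$failed = @($findings | Where-Object { -not $_.Compliant }).Count
Write-Output "$($env:COMPUTERNAME): $($findings.Count - $failed)/$($findings.Count) controls compliant; evidence at $OutputPath"
exit [int]($failed -gt 0)
```

Run it from an elevated prompt as a scheduled RMM script; the per-control JSON records can be rolled up into the compliance % and EDR/hardening coverage figures a client dashboard reports, and the non-zero exit code lets the ITSM job open a ticket for the failing host. Every check is read-only, so it is safe to run on production endpoints outside a maintenance window.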
Qualifications:
· 3+ years in an MSP or multi-tenant environment focused on endpoint security and patch management.
· Hands-on expertise with device management tools.
· Operational experience with EDR/XDR and vulnerability tools for Endpoints including policy tuning, incident handling, and containment.
· Intermediate PowerShell for automation and reporting.
· Solid fundamentals in Windows endpoint administration, AD/Entra device compliance, networking basics and change management.
· Clear, concise communication: comfortable leading client-facing security reviews and incident updates.
Work Location: 100% in-office.
Employment Terms: Full-time, In-office, Exempt, Salary. Eligible for benefits (medical, dental, vision, life, AD&D, disability) and 401(k) after introductory period. Typical business hours are from 8:00 a.m. until 5:00 p.m., Monday through Friday, excluding company-observed holidays.