Endpoint Security Specialist
32 Hartwell Ave Remote, MA 02421
Positon: Endpoint Security Specialist
Type: Perm - full time
- EDR – endpoint detection and response technologies, includes products like Carbon Black, Crowdstrike,, etc. Probably going with FireEye. FireEye would be great, but any EDR tool is ok
- Looking for someone with experience with a large scale deployment, implemented with a SIM or data repository. Building out policies and procedures for incident response.
Endpoint Security Specialist
The Endpoint Security Specialist will be the lead in developing next-generation endpoint protection strategies, including the enhancement and introduction of anti-virus, malware protection, application whitelisting, and threat defense solutions within the network. Candidate must be a highly motivated and Senior Information Security leader who can support Endpoint Detection and Response (EDR) applications in conjunction with a SOC and operational teams to ensure cybersecurity service availability for all servers and workstations.
- Create and implement (ISO) policies for Endpoint Security solutions for and provide oversight for solutions used by other Business Units based on industry best practices.
- Maintaining and measuring existing solutions to ensure on-going operational and security effectiveness with appropriate metrics.
- Conduct troubleshooting, tuning, and application testing within the business, and lead deployment of any endpoint security solution.
- Work with SOC and with SIEM owners to develop appropriate Incident Response procedures and ensure the collection of all required data.
- Ongoing analysis and improvement of the architectural design, development of new roles based on job requirements, and continually enhancing and evolving the countermeasure policies in place.
- Relevant skills include an understanding of business/technology risk, thought leadership in designing and executing cloud / technology controls that mitigate those risks, and ability to keep up-to date with the latest technologies and potential cyber-threats
- Must have a strong knowledge and experience in the IT security space.
- Must be a self-starter and able to lead cross functional teams and deliver results with minimal supervision.
- Interfaces extensively with functional users (security analysts) to assure the effectiveness of the solution and address escalated enterprise user concerns.
- Maintain and measure endpoint security solution health.
- Proactively monitor and provide service assurance for supported services.
- Developing, automating, and maintaining EDR strategies.
- May provide direction to peers or PM’ s leading projects for EP platform applications including ensuring delivery of business requirements and provide analysis and solutions for potential problems.
- Identify and coordinate native host configurations to enhance security posture.
- Consults other IT stakeholders within business lines to ensure alignment of initiatives and strategies.
- Excellent interpersonal skills with the ability to develop cohesive working relationships with internal and external clients.
Endpoint Security Specialist Skills and Qualifications
- BS/BA degree in related discipline desired (i.e. Computer Science or Computer Information Technology) or 7+ years equivalent experience in a related field
- 5+ years of hands-on technical skills and experience with enterprise endpoint security solutions in large scale environments
- Windows, Mac and Linux / Unix endpoint security solution knowledge and experience
- Strong knowledge of the endpoint solutions landscape and capability from the leading vendors such as, Cisco, McAfee, Sophos, Carbon Black, FireEye, Crowdstrike, Tanium, and others
- CISSP, Solution-specific technical certification(s)
- Knowledge of, and experience applying activities associated with endpoint software agent evaluation, testing, troubleshooting, deployment automation, maintenance, and updates
- Experience implementing and upgrading software on Windows/Linux platforms
- Working knowledge of Powershell, GPO, or SCCM
- Knowledge of malware analysis through 3rd Party connectors such as Palo Alto (WildFire) and Microsoft SCEP
- Experience with Splunk/Logrhythym log analysis