Endpoint Security Engineer

Sangoma•Sarasota, FL

1h•$100,000 - $110,000•Remote

About The Position

Sangoma is seeking a motivated and detail-oriented Endpoint Security Engineer with experience in Incident Response, SOC operations, operating system security, and automation. In this role, you will help strengthen the company’s security posture by designing and implementing new endpoint security solutions and improving existing controls. You will collaborate closely with teams across the technology organization to investigate security events, document lessons learned and drive meaningful improvements. This mid-level position is ideal for someone who can communicate effectively with both technical and non-technical stakeholders and enjoys building and enhancing security capabilities. This is a remote position with a preference for candidates located in the Central or Eastern time zones.

Requirements

4–6 years of experience in a security, SOC, or Incident Response role.
Solid experience working with one or more EDR solutions such as Sentinel One, CrowdStrike, or Microsoft Defender.
In-depth understanding of threat behaviors in the context of the MITRE ATT&CK Framework.
Intermediate understanding of Windows, MacOS, and Linux file structures and process architecture.
Experience participating in ITIL-oriented Change Management, Incident Management, and Problem Management processes in an enterprise environment.
Experience with automation and API calls via Python and/or PowerShell.
One or more industry-standard security certifications including but not limited to Security+, CySA+, Microsoft SC-200, CEH, GIAC, or similar.

Nice To Haves

Solid experience working with SIEM / SOAR solutions for event correlation and automated response.
Experience performing forensic investigations and malware analysis.
Ability to perform and document penetration testing exercises.
Knowledge of cloud and/or hybrid environments such as Microsoft 365, Azure, AWS, Intune, or similar platforms.

Responsibilities

Serve as an escalation point for SOC/EDR/XDR alerts and suspected security incidents.
Automate and optimize Incident Response procedures with PowerShell, Python, and scripted API calls.
Write custom detection rules in EDR platforms such as CrowdStrike, SentinelOne, and Microsoft Defender.
Test and deploy EDR agent updates.
Evaluate and implement endpoint and endpoint adjacent security solutions.
Document Incident Response procedures and cross-train technical personnel on those procedures.
Participate in penetration testing and tabletop Incident Response exercises.
Produce and improve security dashboards and reports.
Maintain solution and procedure documentation.
Collaborate with IT, Infrastructure, and Cloud teams to implement secure endpoint configurations and controls.
Identify gaps in endpoint security coverage and recommend remediation or enhancements.
Support vulnerability remediation and endpoint hardening initiatives.
Participate in an on-call rotation, being reachable 24/7 during assigned on-call periods, one week per month.
Coordinate with SOC and IT teams to investigate and resolve high-priority endpoint security incidents during on-call periods.

Benefits

Extensive Benefit Options (Health, Vision, Dental, Long & Short term Disability) effective after a short waiting period
Matching 401K program - 100% match on 4%.
Employee Stock Purchase Plan after one year of service.
Flexible Time Off & Company Holidays
Entrepreneurial work environment partnered with high growth career opportunities

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume