Principal Cybersecurity - Endpoint Security

About The Position

Requirements

• A Bachelor’s degree in Information Systems, Engineering, or Cybersecurity.
• 5+ years in endpoint security or endpoint systems engineering within large enterprise environments.
• Proven direct experience with Tanium in enterprise deployment, custom sensor creation, patch management, and compliance reporting.
• Strong background with endpoint security agent technologies such as EDR, DLP, VPN.
• Experience managing endpoint agents at scale using SCCM, Intune, JAMF, and other automation technologies.
• Deep understanding of Windows, MacOS, and Linux endpoint configurations, security controls, and hardening techniques.
• Solid scripting skills in PowerShell, Python, or Bash for endpoint automation.
• Ability to work with distributed, cross-functional teams on security tool deployment and integration projects.
• Excellent communication skills including metrics/performance documentation/presentation, technical drawing/architecture origination, and modification.
• Ability to operate well under pressure and urgent circumstances.
• Self-reliant and diligent in follow-through for assigned tasks.

Nice To Haves

• Tanium Certified Operator or Administrator
• Experience managing endpoints with more than 50,000 devices
• Security certifications such as CISSP, GIAC, or equivalent
• Bachelor’s degree (BS/BA) desired in Computer Science or Cybersecurity.
• 7+ years of related experience.
• Certification is required in some areas.

Responsibilities

• Lead the deployment, configuration, and tuning of Tanium modules, including Asset, Comply, Deploy, Threat Response, and Reveal, ensuring high availability and performance across a large global fleet.
• Build and maintain integrations between Tanium and other enterprise security tools to improve automation, inventory, vulnerability identification, and threat response.
• Deploy and manage endpoint security agents for tools such as Endpoint Detection and Response (EDR), Remote Access VPN, and Data Loss Prevention (DLP).
• Partner with SOC and threat intelligence teams to implement detection and response logic leveraging Tanium sensors and queries.
• Automate endpoint provisioning, patching, and configuration compliance using Tanium scripting and APIs, as well as PowerShell and Python for custom workflows.
• Conduct root cause analysis for endpoint performance telemetry issues and drive remediations through coordinated change management processes.
• Maintain detailed runbooks, operational playbooks, and endpoint security baselines for global deployment consistency.
• Function as the subject matter expert for Tanium and other endpoint security tools during security incidents, audits, and compliance initiatives.

Benefits

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.