Senior Security Engineer, Cyber Defense Platforms

State Street
Boston, MA
Hybrid

About The Position

We are looking for a Senior Security Engineer, Cyber Defense Platforms reporting directly to the Head of Defensive Engineering and Architecture. This role is hands-on and engineering-focused, responsible for hardening enterprise endpoints (workstations and servers) to reduce attack surface across the environment. You will enforce secure configurations, minimize unnecessary services, and support execution control mechanisms in alignment with established security standards and architectural guidance.

The role requires close collaboration with Network Security (NetSec) teams to reduce endpoint-to-network exposure (e.g., restricted protocol usage, dependency reduction, and Zero Trust enforcement impacts), as well as with Data Security (DataSec) teams to support endpoint controls that protect sensitive data, prevent unauthorized tools, and ensure alignment with approved software and data protection policies.

The team you will be joining is part of the Integrated Defensive Engineering and Architecture (IDEA) - Cyber Defense function, which is critical to reducing enterprise cyber risk and strengthening resilience against modern threats. This role is vital because a significant portion of enterprise risk resides at the endpoint layer, where misconfigurations, excess privileges, and unapproved software are commonly exploited. By systematically reducing attack surface and enforcing strong endpoint controls, this role directly contributes to:

  • Lower likelihood of ransomware and malware propagation
  • Stronger Zero Trust posture
  • Improved protection of sensitive and regulated data
  • Measurable reduction in cyber risk at scale

Requirements

  • Strong security engineering mindset with the ability to translate risk into practical, enforceable technical controls
  • Deep problem-solving skills and the ability to operate effectively in complex, large-scale enterprise environments
  • Experience designing and deploying security controls across large-scale, multi-region environments
  • Ability to collaborate across security, infrastructure, and application teams while maintaining a strong security posture
  • Clear communication skills to explain trade-offs, risks, and control impacts to technical and non-technical stakeholders
  • Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or a related discipline (or equivalent experience)
  • 8+ years of experience in security engineering, endpoint security, or defensive cyber roles
  • Strong hands-on experience with endpoint security platforms (e.g., EDR, application control, configuration management, hardening frameworks)
  • Experience with Zero Trust principles, endpoint-to-network control models, or execution control technologies

Nice To Haves

  • Security certifications such as CISSP, GCED, GSEC, OSCP, or relevant vendor certifications are a plus
  • Experience working in regulated or large enterprise environments preferred
  • Ability to influence and drive security improvements without direct authority

Responsibilities

  • Design, implement, and maintain endpoint hardening standards across workstations and servers, aligned with CIS benchmarks, internal standards, and risk-based guidance
  • Reduce enterprise attack surface by disabling unnecessary services, features, protocols, and tooling across endpoint environments
  • Engineer and support execution control mechanisms, including application control, script control, and prevention of unauthorized software
  • Partner with NetSec teams to reduce endpoint-to-network exposure, including protocol restrictions, dependency mapping, and Zero Trust enforcement considerations
  • Support DataSec initiatives by enabling endpoint-level controls that protect sensitive data and enforce approved software and data handling policies
  • Identify and assess unapproved or risky endpoint software, working with stakeholders on remediation, allow-listing, or removal paths
  • Collaborate with platform, infrastructure, and operations teams to ensure controls are scalable, reliable, and operationally sustainable
  • Contribute to security architecture documentation, standards, and roadmaps related to endpoint and defense platforms

Benefits

  • retirement savings plan (401K) with company match
  • insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages
  • paid time off including vacation, sick leave, short-term disability, and family care responsibilities
  • access to our Employee Assistance Program
  • incentive compensation including eligibility for annual performance-based awards
  • eligibility for certain tax-advantaged savings plans
  • inclusive development opportunities
  • flexible work-life support
  • paid volunteer days
  • vibrant employee networks