Endpoint Security Engineer

Endpoint Security Engineer

Europe | Full-time

Responsibilities

  • Deploy, operate, and tune endpoint security controls (EDR/XDR, EPP, MDM) across corporate endpoints, servers, and critical infrastructure
  • Monitor endpoint telemetry health, investigate security events, and identify potential security incidents
  • Implement and maintain OS security baselines and hardening standards across Windows, Linux, and macOS environments based on CIS Benchmarks, DISA STIG, and internal policies
  • Support vulnerability remediation, patching activities, and endpoint security improvements in collaboration with IT and infrastructure teams
  • Configure and maintain endpoint protection capabilities, including file integrity monitoring and endpoint isolation readiness for critical systems
  • Support containment and response activities for compromised or non-compliant devices together with SOC and Cyber Defense teams
  • Assist with tracking endpoint security gaps, remediation actions, and configuration improvements
  • Document endpoint security configurations, operational procedures, and investigation findings

Requirements

  • 3+ years of hands-on experience in Endpoint Security, Endpoint Protection, Infrastructure Security, System Security, or a similar cybersecurity role
  • Higher education in Computer Science, Information Security, Software Engineering, or a related technical field is preferred
  • Practical experience securing both desktop endpoints and server workloads in enterprise environments
  • Experience supporting environments with 1,000+ managed endpoints is highly preferred
  • Strong hands-on experience with EDR/XDR, Endpoint Protection Platforms (EPP), and Mobile Device Management (MDM) solutions
  • Deep understanding of Windows, Linux, and macOS architecture, services, processes, logging, and security mechanisms
  • Experience implementing OS hardening based on CIS Benchmarks, DISA STIG, or similar security standards
  • Knowledge of operating system access control models, RBAC, and least-privilege principles
  • Experience with native operating system security features such as Microsoft Defender, Attack Surface Reduction (ASR), BitLocker, SELinux, AppArmor, Gatekeeper, System Integrity Protection (SIP), and FileVault
  • Understanding of endpoint telemetry, file integrity monitoring, and endpoint isolation techniques
  • Scripting skills for automation using PowerShell and Python
  • English – IntermediateUpper-Intermediate level
  • Ukrainian – Fluent

We offer

  • 20 paid vacation days per year
  • 10 paid sick leave days per year
  • Public holidays as per the company’s approved Public holiday list
  • Medical budget
  • Opportunity to work remotely
  • Professional education budget
  • Language learning budget
  • Wellness budget (gym membership, sports gear and related expenses)

Apply for Endpoint Security Engineer

    x Remove file