Endpoint Security Engineer
Europe | Full-time
Responsibilities
- Deploy, operate, and tune endpoint security controls (EDR/XDR, EPP, MDM) across corporate endpoints, servers, and critical infrastructure
- Monitor endpoint telemetry health, investigate security events, and identify potential security incidents
- Implement and maintain OS security baselines and hardening standards across Windows, Linux, and macOS environments based on CIS Benchmarks, DISA STIG, and internal policies
- Support vulnerability remediation, patching activities, and endpoint security improvements in collaboration with IT and infrastructure teams
- Configure and maintain endpoint protection capabilities, including file integrity monitoring and endpoint isolation readiness for critical systems
- Support containment and response activities for compromised or non-compliant devices together with SOC and Cyber Defense teams
- Assist with tracking endpoint security gaps, remediation actions, and configuration improvements
- Document endpoint security configurations, operational procedures, and investigation findings
Requirements
- 3+ years of hands-on experience in Endpoint Security, Endpoint Protection, Infrastructure Security, System Security, or a similar cybersecurity role
- Higher education in Computer Science, Information Security, Software Engineering, or a related technical field is preferred
- Practical experience securing both desktop endpoints and server workloads in enterprise environments
- Experience supporting environments with 1,000+ managed endpoints is highly preferred
- Strong hands-on experience with EDR/XDR, Endpoint Protection Platforms (EPP), and Mobile Device Management (MDM) solutions
- Deep understanding of Windows, Linux, and macOS architecture, services, processes, logging, and security mechanisms
- Experience implementing OS hardening based on CIS Benchmarks, DISA STIG, or similar security standards
- Knowledge of operating system access control models, RBAC, and least-privilege principles
- Experience with native operating system security features such as Microsoft Defender, Attack Surface Reduction (ASR), BitLocker, SELinux, AppArmor, Gatekeeper, System Integrity Protection (SIP), and FileVault
- Understanding of endpoint telemetry, file integrity monitoring, and endpoint isolation techniques
- Scripting skills for automation using PowerShell and Python
- English – IntermediateUpper-Intermediate level
- Ukrainian – Fluent
We offer
- 20 paid vacation days per year
- 10 paid sick leave days per year
- Public holidays as per the company’s approved Public holiday list
- Medical budget
- Opportunity to work remotely
- Professional education budget
- Language learning budget
- Wellness budget (gym membership, sports gear and related expenses)