Endpoint Security Engineer III
Company | Deepwatch |
---|---|
Location | Washington, DC, USA, San Francisco, CA, USA, Austin, TX, USA, Tampa, FL, USA, Denver, CO, USA |
Salary | $120000 – $160000 |
Type | Full-Time |
Degrees | |
Experience Level | Senior, Expert or higher |
Requirements
- Experience managing Endpoint Detection and Response (EDR) platforms such as Microsoft Defender for Endpoint, CrowdStrike, or SentinelOne, preferably in an MSSP or large corporate SOC environment
- Advanced-level knowledge and experience engineering solutions in one or more of the following disciplines: Cloud Security Platforms, Identity Platforms, Firewall or Network Security Platforms, Vulnerability Management Platforms
- Minimum 7-10 years of demonstrated experience in a helpdesk, service desk, or SOC environment
- Demonstrated understanding of Windows, Mac, and Linux security administration
- Effective communication skills, with the ability to convey technical information to non-technical stakeholders
- Strong understanding of security principles and practices with a focus on improving customer security posture
- Excellent problem-solving skills and the ability to work well under pressure
- Advanced experience using Python, PowerShell, or an equivalent scripting language
- Experience automating manual processes
- Willingness to obtain, or prior attainment of, associate-level certification in multiple of the aforementioned technologies
Responsibilities
- Manage the customer’s endpoint technology, including but not limited to, agent management, console upgrades, Deepwatch user management, product configuration, dashboarding and reporting, exclusions, blocklisting, policy management, log forwarding, and vendor support management
- Provide oversight for all aspects of the endpoint protection platform configurations while giving feedback on processes and procedures and advocating for potential efficiencies
- Quickly assess and prioritize health monitoring and platform engineering alerts and service requests, following predefined procedures and escalation paths as necessary
- Work closely with internal teams, including engineering, operations, and security, to coordinate responses and ensure seamless service delivery
- Communicate clearly and concisely with customers regarding service incidents, resolutions, and any necessary follow-up actions
- Provide detailed work notes and summaries for both internal records and customer-facing communication, ensuring transparency and accountability
- Participate in an on-call rotation responding to critical issues
- Respond promptly to alerts generated by monitoring platforms, investigating and resolving issues or escalating as appropriate
Preferred Qualifications
- Associate-level certification in multiple of the aforementioned technologies