Endpoint Security Engineer at Sangoma | JobVerse
Endpoint Security Engineer
Sangoma
Remote
Florida, United States of America
Full Time
2 weeks ago
$100,000 - $110,000 USD
Visa Sponsor
Key skills
AWS
Azure
Cloud
Linux
MacOS
Python
PowerShell
Change Management
Penetration Testing
About this role
Role Overview
Serve as an escalation point for SOC/EDR/XDR alerts and suspected security incidents.
Automate and optimize Incident Response procedures with PowerShell, Python, and scripted API calls.
Write custom detection rules in EDR platforms such as CrowdStrike, SentinelOne, and Microsoft Defender.
Test and deploy EDR agent updates.
Evaluate and implement endpoint and endpoint-adjacent security solutions.
Document Incident Response procedures and cross-train technical personnel on those procedures.
Participate in penetration testing and tabletop Incident Response exercises.
Produce and improve security dashboards and reports.
Maintain solution and procedure documentation.
Collaborate with IT, Infrastructure, and Cloud teams to implement secure endpoint configurations and controls.
Identify gaps in endpoint security coverage and recommend remediation or enhancements.
Support vulnerability remediation and endpoint hardening initiatives.
Participate in an on-call rotation, being reachable 24/7 during assigned on-call periods, one week per month.
Coordinate with SOC and IT teams to investigate and resolve high-priority endpoint security incidents during on-call periods.
Requirements
4–6 years of experience in a security, SOC, or Incident Response role.
Solid experience working with one or more EDR solutions such as SentinelOne, CrowdStrike, or Microsoft Defender.
In-depth understanding of threat behaviors in the context of the MITRE ATT&CK Framework.
Intermediate understanding of Windows, MacOS, and Linux file structures and process architecture.
Experience participating in ITIL-oriented Change Management, Incident Management, and Problem Management processes in an enterprise environment.
Experience with automation and API calls via Python and/or PowerShell.
One or more industry-standard security certifications including but not limited to Security+, CySA+, Microsoft SC-200, CEH, GIAC, or similar.
Preferred: Solid experience working with SIEM / SOAR solutions for event correlation and automated response.
Experience performing forensic investigations and malware analysis.
Ability to perform and document penetration testing exercises.
Knowledge of cloud and/or hybrid environments such as Microsoft 365, Azure, AWS, Intune, or similar platforms.
Tech Stack
AWS
Azure
Cloud
Linux
MacOS
Python
Benefits
Extensive Benefit Options (Health, Vision, Dental, Long & Short term Disability) effective after a short waiting period
Matching 401K program: 100% match on 4%.
Employee Stock Purchase Plan after one year of service.
Flexible Time Off & Company Holidays
Entrepreneurial work environment partnered with high growth career opportunities
We value transparency and fairness in our compensation practices.