Jacobs is a company focused on solving the world's most critical problems through innovative solutions. They are seeking an Endpoint Security & Exposure Management Engineer to design, implement, administer, and improve endpoint security controls while managing enterprise exposure and vulnerability management capabilities.
Responsibilities:
- Design, implement, and maintain endpoint security controls across Windows, Linux, and macOS environments
- Administer and optimize application control and application allowlisting solutions
- Develop and maintain privilege management policies based on Zero Trust and least-privilege principles
- Investigate and resolve endpoint security issues related to application execution, privilege elevation, and policy enforcement
- Collaborate with desktop engineering teams to develop secure endpoint standards and configurations
- Support endpoint hardening initiatives aligned with industry best practices and security frameworks
- Develop reporting and metrics to demonstrate endpoint security effectiveness and risk reduction
- Manage the enterprise vulnerability management lifecycle, including identification, assessment, prioritization, remediation, and validation
- Administer vulnerability scanning and assessment platforms across on-premises, cloud, and hybrid environments
- Analyze vulnerability findings and prioritize remediation activities based on risk, exploitability, asset criticality, and business impact
- Drive remediation efforts with infrastructure, application, cloud, and operations teams
- Monitor remediation performance against defined service level objectives and security policies
- Perform vulnerability trend analysis and identify recurring risk patterns
- Support attack surface reduction initiatives through proactive exposure identification and mitigation
- Administer and maintain ServiceNow Vulnerability Response
- Configure integrations between ServiceNow and vulnerability assessment platforms
- Develop and optimize vulnerability workflows, assignment rules, remediation tasks, and reporting
- Monitor remediation progress and ensure effective stakeholder engagement
- Create dashboards and executive-level reporting to communicate exposure trends and remediation performance
- Support security incident investigations involving vulnerable systems, unauthorized privilege use, or endpoint compromise
- Assess emerging vulnerabilities, threats, and security advisories to determine organizational impact
- Provide risk-based recommendations for remediation and compensating controls
- Participate in security assessments, audits, and compliance activities
- Contribute to cybersecurity standards, policies, and technical security roadmaps
- Act as a technical advisor for endpoint security and vulnerability management initiatives
Requirements:
- Minimum 5 years of experience in cybersecurity, endpoint security, vulnerability management, or security engineering
- Hands-on experience administering application control and privilege management solutions
- Extensive experience managing enterprise vulnerability management programs
- Experience working with ServiceNow Vulnerability Response
- Experience using leading vulnerability management platforms such as: Rapid7, Tenable, Qualys
- Experience working within large enterprise environments
- Strong understanding of risk-based vulnerability management and remediation prioritization
- Experience implementing Zero Trust security controls
- Experience with endpoint detection and response (EDR) platforms
- Familiarity with security frameworks including: NIST Cybersecurity Framework, CIS Controls, ISO 27001, NCSC Cyber Assessment Framework, Cyber Essentials Plus, Defence Cyber Certification, Levels 0-3, ACSC Essential Eight
- Experience with cloud security and hybrid infrastructure environments
- Experience leading vulnerability remediation programs across multiple technology domains