Endpoint Security Engineer
Role details
Job location
Tech stack
Job description
Focuses on securing all enterprise-managed endpoints through policy enforcement, compliance monitoring, device protection controls, and integration of UEM platforms with enterprise security systems.
Position requires on-site support.
Responsibilities may include, but are not limited to:
-
Design and enforce compliance policies within Workspace One, Microsoft Intune, and/or Jamf.
-
Oversee mobile security controls including device encryption, lost/stolen device workflows, and remote wipe/lock actions.
-
Conduct security reviews for OS updates, CVEs, and platform changes.
-
Work with security teams to integrate conditional access, certificate policies, and identity-based access controls.
-
Develop automated compliance reporting using PowerShell or other scripting tools.
-
Respond to escalated security incidents involving managed endpoints.
-
Maintain documentation of security posture, SOPs, and enforcement standards.
Requirements
Do you have experience in UEM?, Do you have a Bachelor's degree?, * BS in IT or related field (preferred). Formal technical training, certifications, and/or additional experience may be substituted for the degree preference.
-
Minimum of 2-4 years of experience in UEM administration with security responsibilities.
-
Experience troubleshooting device compliance issues, policy conflicts, and non-compliance scenarios.
-
Experience collaborating with enterprise security and engineering teams.
-
Strong understanding of MDM/MAM security frameworks.
-
Hands-on experience configuring compliance, encryption, device restrictions, and mobile security controls.
-
Proficiency with PowerShell scripting for reporting and automation.
-
Familiarity with identity systems, conditional access, and platform SSO.
-
ITSM platform experience (BMC or ServiceNow).
Qualifications:
-
Must obtain an agency public trust suitability determination prior to start date
-
Must have strong analytical skills.
-
Must be able to work with sensitive data in a controlled environment.
-
Ability to support after-hours response for critical security issues.
-
Ability to communicate effectively and efficiently with all levels of leadership.
-
Must have excellent verbal and written communication and stakeholder-facing skills.
-
Must be able to work independently and within a multi-disciplinary team to meet demanding deadlines in a fast-paced technology environment.
-
Must maintain a high level of customer service for all support interactions.
-
Experience with mobile threat defense platforms (MTD) is a plus.
-
Experience supporting a complex Federal agency enterprise is a plus.
-
Relevant security related certification(s) such as Security+, CASP+, Microsoft SC series, and/or Jamf 300+ are preferred.