EDR Architect + Penetration test Lead - San Jose, CA (Onsite)

Svk Systems Inc
San Jose, United States of America
30 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 146K

Job location

San Jose, United States of America

Tech stack

Microsoft Windows
Microsoft Active Directory
Amazon Web Services (AWS)
Apple Mac Systems
Software System Penetration Testing
Azure
Bash
Cloud Computing
Cloud Computing Security
Computer Security
Linux
Intrusion Detection and Prevention
Python
Network Security
Linux Security Modules
Powershell
Red Team (Cyber Security)
Security Information and Event Management
Software Vulnerability Management
Web Applications
Google Cloud Platform
Mitre Att&ck
Malware
Cyber Threat Analysis
Azure Security Center
Cybercrime
Windows Security
SentinelOne Expertise
Security Orchestration, Automation & Response
VMware

Job description

We are seeking an experienced EDR Architect & Penetration Testing Lead to design, implement, optimize, and continuously improve our endpoint security strategy while conducting offensive security assessments to identify and validate security risks. This role will bridge defensive and offensive security functions, ensuring endpoint detection capabilities effectively detect, prevent, and respond to modern threats., EDR Architecture & Endpoint Security

  • Design, deploy, and maintain enterprise-scale EDR solutions.
  • Develop endpoint security architecture, standards, and operational procedures.
  • Configure and optimize detection rules, alerting logic, threat hunting workflows, and response playbooks.
  • Integrate EDR platforms with SIEM, SOAR, vulnerability management, and incident response processes.
  • Lead endpoint security assessments and architecture reviews.
  • Evaluate and recommend endpoint security technologies and controls.
  • Develop endpoint hardening standards across Windows, Linux, and macOS environments.
  • Create metrics and reporting to measure EDR effectiveness and coverage.

Penetration Testing & Offensive Security

  • Plan and execute internal and external penetration tests.
  • Perform network, web application, cloud, and endpoint security assessments.
  • Conduct red team exercises and adversary emulation activities.
  • Validate security controls through simulated attack scenarios.
  • Identify vulnerabilities, misconfigurations, and security gaps.
  • Produce detailed technical reports with risk ratings and remediation recommendations.
  • Partner with engineering and infrastructure teams to validate remediation efforts.
  • Develop attack simulations to test EDR detections and response capabilities.

Threat Detection & Security Engineering

  • Create custom detection content and threat-hunting methodologies.
  • Map detections and attack simulations to the MITRE ATT&CK framework.
  • Analyze emerging threats, attacker techniques, and security trends.
  • Support incident response investigations and post-incident reviews.
  • Develop automated detection and response workflows where appropriate.

Governance & Leadership

  • Define endpoint security strategy and roadmap.
  • Provide technical leadership for endpoint security initiatives.
  • Mentor junior security analysts and engineers.
  • Collaborate with infrastructure, cloud, and application teams on security architecture.
  • Present findings and recommendations to technical and executive stakeholders.

Requirements

Do you have experience in macOS?, * 7+ years of cybersecurity experience.

  • 3+ years designing and managing enterprise EDR platforms.
  • Hands-on penetration testing experience across multiple environments.
  • Strong knowledge of:
  • Windows security architecture
  • Linux security
  • Active Directory
  • Cloud security (AWS, Azure, GCP)
  • Network security
  • Incident response
  • Threat hunting
  • Experience with one or more EDR platforms such as:
  • CrowdStrike Falcon
  • Microsoft Defender for Endpoint
  • SentinelOne Singularity
  • VMware Carbon Black
  • Proficiency in scripting and automation (Python, PowerShell, Bash).
  • Strong understanding of attack techniques, malware, and adversary behaviors., * Experience conducting red team operations.
  • Experience with cloud-native security platforms.
  • Knowledge of detection engineering and purple teaming.
  • Experience with security automation and SOAR technologies.

Success Metrics

  • Improvement in endpoint visibility and detection coverage.
  • Reduction in false positives and alert fatigue.
  • Successful execution of penetration testing engagements.
  • Increased detection rates for simulated attacks.
  • Timely remediation of identified security weaknesses.
  • Continuous improvement of endpoint security posture and threat detection capabilities.

Benefits & conditions

3.73.7 out of 5 stars San Jose, CA 95139 $65 - $70 an hour - Contract

Apply for this position