Security Engineering & Platform Support

THE JUDGE GROUP, INC.
Charlotte, United States of America
4 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Junior
Compensation
$154K

Job location

Remote
Charlotte, United States of America

Tech stack

Amazon Web Services (AWS)
Build Automation
Azure
BitLocker Drive Encryption
Cloud Computing Security
Computer Security
Digital Forensics
DomainKeys Identified Mail (DKIM)
Domain-Based Message Authentication Reporting and Conformance (DMARC)
Intrusion Detection and Prevention
Python
PowerShell
Systems Development Life Cycle
Phishing
Zero Trust Network Access
Secure Coding
Security Information and Event Management
Symantec Endpoint Protection
Systems Integration
Network Routing
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
MITRE ATT&CK
Malware
Sender Policy Framework (SPF)
Information Technology
Cybercrime
FireEye
REST
Splunk

Job description

This role combines engineering, threat detection, and incident response, requiring strong hands-on experience with modern EDR and email security platforms.

Responsibilities

Security Engineering & Platform Support

  • Design, deploy, and support endpoint security tools across multiple operating systems, including:
    • CrowdStrike, Microsoft Defender, BitLocker, Eclypsium, Symantec Endpoint Protection, WinMagic (SecureDoc)
  • Manage and enhance enterprise email security platforms, including:
    • Proofpoint (Email Protection, TAP, DLP, Threat Response)
    • FireEye/Mandiant Email Security or equivalent solutions
  • Build automation and integrations to improve operational efficiency, telemetry analysis, and threat response
  • Partner with engineering and architecture teams to align security controls with enterprise standards and policies
  • Implement controls supporting confidentiality, integrity, availability, and business continuity

Threat Detection & Incident Response

  • Lead and participate in incident response involving endpoint and email threats
  • Investigate phishing attacks, malware campaigns, and email-based threats (headers, attachments, URLs)
  • Analyze endpoint telemetry, logs, and alerts to detect anomalies
  • Perform root cause analysis and digital forensics; recommend remediation strategies
  • Collaborate with SOC, threat intelligence, and infrastructure teams to drive incident resolution
  • Continuously improve detection capabilities through tuning, threat hunting, and detection engineering

Collaboration & Leadership

  • Mentor junior engineers and provide technical guidance
  • Partner cross-functionally to deliver projects and resolve complex issues
  • Work closely with messaging, SOC, and infrastructure teams to ensure cohesive defense strategies

Documentation & Continuous Improvement

  • Develop and maintain technical documentation, standards, and runbooks
  • Translate security requirements into scalable technical solutions
  • Stay informed on emerging threats (phishing, BEC, advanced malware)
  • Promote a culture of security excellence and continuous improvement

Requirements

  • 4+ years of experience in Information Security Engineering or related field
  • 2+ years of Windows system administration experience
  • Hands-on experience with EDR tools (e.g., CrowdStrike, Microsoft Defender)
  • Experience with enterprise email security platforms (Proofpoint, FireEye, or similar)
  • 2+ years of scripting experience (PowerShell or Python)
  • Experience with SDLC processes and secure development practices
  • 1+ year of experience with SIEM tools (e.g., Splunk)
  • Experience analyzing phishing and malware-based threats
  • Ability to support implementations outside standard business hours as needed

Preferred Qualifications

  • Experience with REST APIs and automation frameworks
  • Knowledge of network routing and infrastructure concepts
  • Bachelor's degree in Computer Science, Information Security, or related field
  • Industry certifications (CISSP, GIAC, OSCP, or similar)
  • Experience with cloud security (AWS, Azure, Google Cloud Platform)
  • Familiarity with integrating EDR/XDR, email security, and SIEM platforms
  • Knowledge of Zero Trust architecture and secure device management
  • Understanding of security frameworks (NIST, ISO 27001, MITRE ATT&CK)
  • Experience with email authentication (DMARC, DKIM, SPF) and BEC prevention
  • Strong communication skills with ability to work across technical and non-technical teams

Key Skills

  • Proofpoint
  • CrowdStrike
  • FireEye / Mandiant Email Security