Endpoint Security Engineer / Endpoint & Identity Security Engineer/ Security Configuration Engineer
REDLEO SOFTWARE INC.
New York, United States of America
yesterday
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
EnglishJob location
New York, United States of America
Tech stack
Microsoft Windows
Microsoft Active Directory
Computer Security
Linux
Linux System Administration
Windows Server
Powershell
Software Vulnerability Management
Symantec
SentinelOne Expertise
Qualys
Job description
We need someone who can strengthen enterprise security by implementing hardening standards, securing Active Directory, and managing endpoint protection across Windows and Linux environments. Maintain CIS-aligned baselines, enforce GPO-driven security controls, and support vulnerability remediation using industry-leading tools. Ensure endpoints, servers, and identities remain compliant, resilient, and securely configured.
Key Focus Areas:
- CIS Benchmark hardening (Windows/Linux)
- Active Directory & GPO security governance
- Endpoint protection (Defender, CrowdStrike, SentinelOne, Trellix)
- Vulnerability management (Tenable/Qualys/Rapid7)
- PAM, MFA, encryption, listing & device control
- PowerShell automation for security configuration
Requirements
- Windows Server & Active Directory Administration
- CIS Benchmark Hardening (Windows, Linux, endpoints)
- Group Policy (GPO) Security & Governance
- Endpoint Security Platforms: Microsoft Defender, CrowdStrike, SentinelOne, Trellix, Symantec
- Core Security Controls: PAM, MFA, Encryption, Application listing, Device Control
- Vulnerability Management Tools: Tenable, Qualys, or Rapid7
- Security Frameworks: CIS, NIST, ISO 27001
- PowerShell Automation, 4. SC-200 (Security Operations Analyst)
- CrowdStrike CCFA or Sentinel One SIREN
- Qualys / Tenable / Rapid7 VM Certification