Endpoint Security Engineer / Endpoint & Identity Security Engineer/ Security Configuration Engineer

REDLEO SOFTWARE INC.
New York, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

New York, United States of America

Tech stack

Microsoft Windows
Microsoft Active Directory
Computer Security
Linux
Linux System Administration
Windows Server
Powershell
Software Vulnerability Management
Symantec
SentinelOne Expertise
Qualys

Job description

We need someone who can strengthen enterprise security by implementing hardening standards, securing Active Directory, and managing endpoint protection across Windows and Linux environments. Maintain CIS-aligned baselines, enforce GPO-driven security controls, and support vulnerability remediation using industry-leading tools. Ensure endpoints, servers, and identities remain compliant, resilient, and securely configured.

Key Focus Areas:

  • CIS Benchmark hardening (Windows/Linux)
  • Active Directory & GPO security governance
  • Endpoint protection (Defender, CrowdStrike, SentinelOne, Trellix)
  • Vulnerability management (Tenable/Qualys/Rapid7)
  • PAM, MFA, encryption, listing & device control
  • PowerShell automation for security configuration

Requirements

  • Windows Server & Active Directory Administration
  • CIS Benchmark Hardening (Windows, Linux, endpoints)
  • Group Policy (GPO) Security & Governance
  • Endpoint Security Platforms: Microsoft Defender, CrowdStrike, SentinelOne, Trellix, Symantec
  • Core Security Controls: PAM, MFA, Encryption, Application listing, Device Control
  • Vulnerability Management Tools: Tenable, Qualys, or Rapid7
  • Security Frameworks: CIS, NIST, ISO 27001
  • PowerShell Automation, 4. SC-200 (Security Operations Analyst)
  1. CrowdStrike CCFA or Sentinel One SIREN
  2. Qualys / Tenable / Rapid7 VM Certification

Apply for this position