Senior Endpoint Security Engineer

We are hiring a Senior Endpoint Security Engineer to lead and strengthen endpoint protection across a complex defense agency environment. In this role, you'll be hands-on with multiple endpoint security platforms-often operating several tools in parallel-while guiding teams, shaping strategy, and protecting mission-critical systems across on-premises and Oracle Cloud Infrastructure (OCI) environments.

This position is ideal for a technical leader who can manage people and programs while remaining deeply engaged in day-to-day engineering and threat response.

What You'll Do

Endpoint Security Engineering & Operations

You'll take ownership of endpoint protection by:

• Leading the deployment, configuration, and ongoing management of multiple endpoint security tools
• Operating and coordinating multiple endpoint managers simultaneously to protect agency assets across diverse platforms, including Oracle Cloud
• Driving secure, scalable configurations aligned with agency and regulatory requirements

Cloud Security Integration

You'll extend endpoint security into cloud environments by:

• Designing, implementing, and optimizing endpoint protection for Oracle Cloud workloads
• Ensuring endpoint controls remain consistent across on-premises and OCI environments
• Supporting integrations with APIs, logging pipelines, and SIEM platforms as needed

Threat Detection & Incident Response

You'll support security operations by:

• Monitoring endpoints for indicators of compromise
• Tuning policies, alerts, and detections across multiple tools
• Triage alerts and support incident response activities in coordination with SOC and IT teams

Policy, Compliance & Governance

You'll help maintain a strong compliance posture by:

• Developing, implementing, and enforcing endpoint security policies and procedures
• Supporting operations in secured, compliance-driven environments (DoD or similar)
• Translating compliance requirements into enforceable technical controls

Agile Delivery & Jira Collaboration

You'll contribute within structured delivery teams by:

• Actively participating in Agile project teams
• Using Jira for sprint tracking, incident and trouble ticket management, and documentation
• Improving cross-team coordination through clear tracking and communication

Optimization, Automation & Improvement

You'll continuously raise the bar by:

• Enhancing endpoint security controls and operational processes
• Introducing automation to improve efficiency and response times
• Staying current on advancements in endpoint security across diverse tools

Training, Documentation & Leadership

You'll strengthen team capability by:

• Creating and maintaining SOPs, runbooks, and technical documentation
• Training and mentoring junior engineers and operators
• Managing endpoint security team members while remaining hands-on and technically engaged

What You'll Bring

• At least 7 years of experience in IT or cybersecurity, with strong operational focus on endpoint security
• Active Secret Clearance
• DoD 8570 IAT II (e.i. Security+)
• Hands-on experience deploying and managing endpoint security platforms, including:
• Trellix
• Tanium
• CrowdStrike
• Microsoft Defender for Endpoint (MDE)
• (Tools listed in order of importance; experience beyond these is a strong bonus)
• Experience securing environments spanning on-premises and Oracle Cloud Infrastructure
• Familiarity with Oracle Cloud deployments and API/SIEM integrations
• Experience working in Agile teams, with practical use of Jira
• Demonstrated success delivering results in regulated, compliance-driven environments
• Proven ability to manage and collaborate upward, downward, and across teams
• Strong communication, documentation, and problem-solving skills
• Comfort making security recommendations to executive leadership in both federal and commercial contexts
• A proactive, mission-driven mindset with adaptability in regulated environments

Preferred Certifications

• Microsoft Certified: Security Operations Analyst Associate (or equivalent related to MDE)
• CrowdStrike Falcon Administrator (CCFA) or higher
• Oracle Cloud Infrastructure (OCI) certification or equivalent
• Tanium Certified Operator
• Trellix Product Specialist
• CISSP, or equivalent cybersecurity credential