- Manage full lifecycle of endpoint security tools such as antivirus software, including implementation, configuration, development, and maintenance.
- Integrate endpoint security tools into a security orchestration and automation platform.
- Develop standard operating procedures and playbooks.
- Integrate endpoint security tools with analytics, monitoring and compliance tools
- Design and develop back-end management server infrastructure and databases as needed
- Work with global teams to provide globally consistent processes and solutions.
- Penetration testing, if required.
- Experience conducting analysis of electronic media, packet captures, and log data in support of enterprise-level information security operations.
- Experience documenting, building, and testing reference architectures
- BA/BS or MA/MS in Engineering, Computer Science, Information Security, or Information Systems required
- 3+ years of experience in one or more of the following areas: offensive/defensive hunt techniques, offensive zero-day exploit activities, malware identification methods
- Experience with common attack vectors, including advanced adversaries (nation state/financial motivation)
- Experience securing applications, data at rest and in transit at the workstation, server and cloud
- Extensive hands-on security experience engineering security tool configurations and enhancements from an endpoint device perspective.
- Experience working with cyber security tools and security controls, such as Cylance, McAfee, Symantec Endpoint, Trend Micro Antivirus, Bluecoat, Tanium, CrowdStrike.
- Demonstrated in-depth understanding of operating system (OS) internals, the mechanics of OS exploits, and methods for preventing and/or detecting OS exploits
- Experience with network-based endpoint security controls, such as web proxies and email security gateways
- Ability to navigate and work effectively across a complex, geographically dispersed organization
- Excellent communication and writing skills
- Ability to build consensus and cooperation as well as to influence, interact and negotiate with senior leadership in the organization
- Demonstrable ability to self-direct project outcomes with minimal supervision to achieve program goals
- Problem solving and troubleshooting skills to independently resolve communication and systems issues
- Working experience in Access Control strongly preferred
- Experience with LDAP, Active Directory, IAM, AzureAD, SAML, Azure Identity Management
- Experience with modern methods of network and endpoint attacks and compromise.
- Demonstrated knowledge of standard IAM products (e.g., SailPoint, Okta, ForgeRock)
- Experience with Privileged Account Management (PAM)