Job Description: We are seeking a proactive and detail-oriented Endpoint Security Engineer to manage and enhance our endpoint protection technologies. This role focuses on deploying, tuning, and monitoring Microsoft Defender products (such as Defender for Endpoint, Defender for Identity, Defender for O365 and Defender Antivirus ) with a strong emphasis on SCCM\Intune platform expertise to ensure comprehensive visibility, compliance, and rapid threat response. Key Responsibilities: Administer, monitor, and optimize Microsoft Defender suite deployments across the enterprise . Serve as an escalation point for complex endpoint and infrastructure-related incidents. Design and manage endpoint detection and response (XDR) policies using Defender for Endpoint. Develop threat-hunting hypotheses and implement new detection logic in Defender XDR. Provide mentorship and guidance to Tier 1/2 SOC analysts. Develop and maintain configuration baselines, health checks, and compliance reporting using Tanium. Investigate and remediate security alerts and endpoint incidents. Collaborate with SOC and IR teams for threat hunting, forensic analysis, and response automation. Document processes, configurations, and incident response procedures. Automate compliance and remediation workflows using PowerShell and Intune configuration profiles. Manage and monitor Microsoft Defender for Office 365 to protect users from phishing, malware, and other threats across Exchange, SharePoint, OneDrive, and Teams. Requirements: 3 5 years of experience in endpoint security or a related cybersecurity role. Deep knowledge of Microsoft Defender for Endpoint, Defender for Identity, and related Defender XDR tools. Strong experience with Intune platform. Experience with scripting (PowerShell,Python) for automation and remediation. Familiarity with SIEMs (e.g., Splunk, Sentinel) and EDR integrations. Strong analytical and troubleshooting skills.
We are looking for a highly skilled Tanium Platform Engineer with hands-on experience managing and optimizing a wide range of Tanium modules, including Enforce, Threat Response, Comply, Interact, Patch, Deploy, Certificate Manager, Performance, Investigate, and Impact. The ideal candidate will have a strong scripting background (PowerShell, Python, Shell, and VBS) and the ability to automate, orchestrate, and scale endpoint security and operations across a global enterprise environment. Key Responsibilities: Manage, administer, and optimize Tanium modules, including but not limited to: Enforce : Configure and apply security baselines and policies. Threat Response & Investigate : Conduct real-time threat hunting, forensics, and incident response. Comply : Monitor and report endpoint compliance against CIS, NIST, and custom baselines. Patch & Deploy : Design and execute patch deployment strategies and software rollouts. Certificate Manager : Track, manage, and alert on endpoint certificates across the enterprise. Performance & Impact : Monitor and analyze endpoint performance metrics and operational impact. Interact : Build and optimize Tanium sensors, packages, and saved questions for visibility and control. Develop custom Tanium content (sensors,packages, dashboards) tailored to business and security requirements. Automate endpoint management tasks using PowerShell, Python, Shell, or VBScripts. Integrate Tanium with other tools (SIEMs, ITSM platforms, configuration management, XDR tools). Collaborate with security, infrastructure, and endpoint teams to support compliance, incident response, and operational efficiency. Provide documentation, training, and knowledge transfer to stakeholders and internal teams. Support lifecycle upgrades and health of Tanium infrastructure and endpoints. Required Qualifications: 5+ years of experience in IT security or endpoint management, with at least 3 years of direct Tanium platform experience. Deep knowledge and hands-on experience with multiple Tanium modules listed above. Proficiency in scripting languages: PowerShell, Python, Shell (Bash), and VBScript. Strong experience building and maintaining custom sensors, packages, and scheduled actions in Tanium. Familiarity with endpoint hardening standards, vulnerability management practices, and threat hunting methodologies. Experience with enterprise OS platforms (Windows, macOS, Linux). Excellent troubleshooting, documentation, and collaboration skills. Preferred Qualifications: Experience with Microsoft Defender for Endpoint and integration with Tanium. Familiarity with Intune, SCCM, JAMF, or other endpoint management platforms. Experience integrating Tanium with ServiceNow, or Sentinel. Tanium Certified Operator or Tanium Certified Administrator certification.