ST

Sr Endpoint Security Engineer

Job summary

New York
Engineering

Work model

Fully remote
Worldwide
3 weeks ago
Job description

Stefanini Group is looking for a Sr Endpoint Security Engineer for a globally recognized company! For interested applicants, click the apply button or you may reach out to Alfher Hidalgo for faster processing. Thank you!

We're looking for a Senior Endpoint Security Engineer to own and evolve our endpoint security and identity ecosystem across a modern, cloud-first environment.

This is a high-impact role where you'll lead strategy and hands-on execution across:

  • macOS endpoint management (Jamf Pro)
  • Apple Business Manager
  • Identity platforms (Entra ID, Okta, Google Workspace)
  • EDR/XDR (CrowdStrike or similar, including managed SOC integrations)

You'll help drive Zero Trust architecture, automate device lifecycle management, and improve enterprise security posture at scale.

What You'll Do

Endpoint Security (macOS-Focused)

  • Own and manage Jamf Pro for macOS fleet (configuration, compliance, patching)
  • Lead Apple Business Manager integration for automated device enrollment & lifecycle
  • Implement endpoint hardening (CIS benchmarks, encryption, policy enforcement)

Threat Detection & Response

  • Deploy & optimize CrowdStrike (or equivalent EDR/XDR)
  • Partner with MDR/MSSP providers for 24/7 threat coverage
  • Investigate alerts, tune detections, and improve response playbooks

Identity & Access (Zero Trust Enablement)

  • Integrate and manage: Microsoft Entra ID (Azure AD), Okta (SSO, MFA, lifecycle), and Google Workspace (existing identity layer)
  • Build conditional access policies tied to device posture
  • Enable seamless SSO and identity federation

Automation & Integration

  • Automate provisioning/deprovisioning across Jamf, Okta, Entra ID, Google Workspace
  • Build scripts (Python/Bash) and API integrations
  • Integrate with SIEM/SOAR platforms (e.g., Sentinel, Splunk)

Compliance & Governance

  • Support SOX / SOC 2 / ISO audit readiness
  • Maintain endpoint and identity security documentation
  • Deliver reporting on device compliance, vulnerabilities, and incidents

Required Experience

  • 5 years in endpoint security or endpoint engineering
  • Strong hands-on experience with: Jamf Pro (macOS management is a must), Apple Business Manager, CrowdStrike or similar EDR/XDR
  • Identity platform experience: Entra ID (Azure AD), Okta
  • Experience in Google Workspace environments
  • Solid understanding of Zero Trust and endpoint security frameworks
  • Scripting: Python, Bash, or PowerShell

Nice-to-Haves (Stand Out Candidates)

  • Jamf / CrowdStrike / Okta certifications
  • Experience with MDR/MSSP environments
  • SIEM tools (Splunk, Sentinel)
  • Experience in SOX-compliant environments
  • API integrations across security platforms

#LI-REMOTE

#LI-AH1